[unisog] secure email solutions

John Kristoff jtk at depaul.edu
Tue Apr 29 15:55:50 GMT 2003


On Sun, 27 Apr 2003 20:08:04 -0400
Tim O'Connor <tim at roughdraft.org> wrote:

> Hi, all.  I'm working on a project to see if we can put up some
> solution that will allow us to deliver mail securely -- at its
> best, encrypted end-to-end so that no plaintext travels across
> the Internet; at its most relaxed, encrypted internally so that
> a sniffer or a rogue user cannot easily grab sensitive messages.

The biggest problem you have is being able to dictate encryption outside
of your site.  I think there are two more practical things you can do
today.  One, ensure that strong authentication and encryption are used
between clients of your mail servers and the mail servers themselves. 
Two, provide the tools and education for end users to use something like
PGP for messages that should be protected on the entire path between
communicating parties.  The first one you should be able to do, the
latter is harder, but can be successful for some population of users and
percentage of mail.

John



More information about the unisog mailing list