[unisog] PGP and S/MIME

Russell Fulton r.fulton at auckland.ac.nz
Thu Nov 3 07:42:52 GMT 2005

Christensen, Eric wrote:
> Has anyone done a serious rollout of secure e-mail?  I've been trying to get
> folks to use S/MIME certificates (like Thawte) but not everyone sees the
> benefits.  I was testing out PGP for the last few days but it really taxed
> my computer (using PGP Desktop).  I see that at least one person on this
> list is using PGP.  Anyone else?  Opinions?

I don't know of any educational organisation making widespread use of
encrypted email internally.  In fact the only person I know who works
for an organisation that routinely encrypts email is my sister-in-law
who works for our Ministry of Foreign Affairs as a Diplomat.

I use PGP occasionally, mostly for signing notices to various Cert etc
and very occasionally I'll encrypt something too.

As others have noted TB with Enigmail works fine -- for me on Mac OS X.

There are very real problems in deploying encrypted email on a wide
scale.  The worst problem (IMHO) is key management and in particular key
revocation and escrow -- yes your users will lose their private keys
and forget their passphrases.  They will also expose their private keys
by choosing lousy passphrases since these are not centrally managed.  All
in all it turns out that encrypted email is far more trouble than it is
worth for most large groups.

The exceptions are those organisations who have very high value secrets
that they need to exchange on an ongoing basis and a rigorous
disciplinary framework to ensure that things are done 'properly' (well
that's the theory anyway ;).  E.g. military and diplomatic services.

PGP can be made to work quite well for smallish groups of technically
savvy people who are capable of looking after their own keys and
protecting them adequately.  The computer security community is a good
example of such a group and many of us have keys on public servers and
know how to verify these if we need to use them.

I could also see setting up PGP for a small group of managers or
academics who take security seriously (i.e. they can be trusted to use
sensible passphrases etc.) to exchange mail within the group.
Revocation is easily handled in this situation as is escrow.  You may
want to encrypt all messages with a master key as well, as an additional
safeguard against loss of keys (store the master in a safe somewhere
with well controlled access ;).

Cheers, Russell

