[unisog] Gmail for the University
michael.holstein at csuohio.edu
Tue Feb 28 14:23:06 GMT 2006
>I consider (expect) email to be private (secure) once it hits a
>message store. I also expect whomever runs that message store to
>prevent unauthorized access to my data...this may or may not require
Generally speaking, he who hold root also holds the keys .. so
encryption is technically no different than just trusting who guards the
unencrypted store, no?
In the Windows world, if you (despite Microsoft's recommendations to the
contrary -- http://support.microsoft.com/kb/834638/en-us) decide to put
your Exchange database on a EFS encrypted volume, then by default the
Administrator account is attached to the Key Recovery Agent role.
In the UNIX world, since root can become any user (generally), they can
also become the user that access to live (encrypted) volume.
I can't personally think of a valid reason to encrypt a message store ..
servers sit in a secured datacenter and are relatively immune to
physical attack (eg: being stolen) -- I'd rather spend my energy
ensuring the logical security of the system and not risk having a
corrupted and unmountable volume if cryptoloop (et.al.) has a brain fart.
Encrypting *access* and *transmission* (by using STARTTLS on SMTP and
POP/IMAP, or HTTPS on www) is another matter, but since so few sites by
default will do that, it's a non-issue at this point.
Personally, I treat email as I would a conversation in a somewhat
secluded restaurant -- not hard to eavesdrop upon for the moderately
At the moment, end-to-end security of email can only be accomplished
through the active participation of both sender and recipient.
My $0.0184 (6% Ohio taxes withheld)
Michael Holstein CISSP GCIA
Cleveland State University
More information about the unisog