Path: utzoo!attcan!uunet!lll-winken!lll-lcc!ames!mailrus!umix!b-tech!zeeff From: zeeff@b-tech.UUCP (Jon Zeeff) Newsgroups: comp.mail.elm Subject: Re: Mail Encypherment Message-ID: <4600@b-tech.UUCP> Date: 7 Jul 88 13:54:57 GMT References: <2085@hplabsz.HPL.HP.COM> <10319@ncc.Nexus.CA> Reply-To: zeeff@b-tech.UUCP (Jon Zeeff) Organization: Branch Technology Ann Arbor, MI Lines: 26 > >>Basically, I don't believe that there are any really robust >>encypherment systems that are quick and painless to use. That's >>okay, though, because the real reason one wants to encode mail >>is to prevent unauthorized browsing of the contents *in transit*. Actually, I'd like to prevent unauthorized browsing *anywhere*. I do use systems where I don't like the idea of someone with root looking through my mailbox. Don't do encryption at the transport layer. What would you use - a fixed encryption key? > >[ Given that the decryption routines would be available to the > system administrators, this still won't guarantee complete > security. > They would end up being available to everyone and so won't guarantee any security. Leave it out of the transport layer so that the system administrators don't have the key. -- Jon Zeeff Branch Technology, uunet!umix!b-tech!zeeff zeeff%b-tech.uucp@umix.cc.umich.edu