[buug] Casual Encryption
Brian Sobolak
sobolak at myrealbox.com
Tue Jul 16 02:32:21 PDT 2002
Thanks for the pointer Aaron - I definitely will
look into that once my f&*()&in' DSL starts
working and I can actually get a server running.
Sometimes I wonder if Ashcroft is the Great Satan.
I wonder if there is finally enough outrage and
frustration with email that someone might get
around to changing the system. The beauty of RFC
822 (?) is that it's so simple - and that's its
downfall too.
It never ceases to amaze me that we send the bulk of
our email - our personal correspondence -
unencrypted throughout the world. Tack onto
that the large percentage of people that use
freemail accounts which include advertisements
directly in the messages. Who would ever accept
putting ads into a personal letter just so you
wouldn't have to pay postage?
In other email related news: check out Jon Udell's thoughts about using digital IDs as a way to counteract spam. This (besides SpamAssasin) could be the next killer app: a technology that doesn't just weed out spam, but prevents it.
brian
ps Pardon if these thoughts don't make sense. The sun isn't up yet and I'm already at work. Ah, the joys of insominia. <sigh>
-----Original Message-----
From: Aaron T Porter <atporter at primate.net>
To: buug at weak.org
Date: Mon, 15 Jul 2002 16:16:08 -0700
Subject: [buug] Casual Encryption
Just a quick plea for all you guys to seriously consider
enabling SMTP-TLS on any and all mail servers they control. With the US
government in Ashcroft juggernaut mode for the forseable future, I fear
that the use of encryption will quickly become a red flag for further
observation. If we can reach a point where a sizable portion of SMTP
traffic is encrypted regardless of the content we can reduce any
implications of sending encrypted mail. Probably doesn't make your
standard Carnivore install too happy either.
To clarify, using TLS is definately not as good as PGP/GPG, it
only encrypts the links between servers -- if your MX host isn't
trustworthy, they can get plaintext. TLS is just one small step towards a
more private email infrastructure.
On most mail systems, enabling TLS is incredibly easy (one line
config change on my Debian Sendmail box). It's a one-time fix that affects
even technologically challenged users. I've tacked some links below for
common MTA's.
Qmail http://www.esat.kuleuven.ac.be/~vermeule/qmail/tls.patch
Postfix http://www.aet.tu-cottbus.de/personen/jaenicke/pfixtls/
Exim http://www.exim.org/exim-html-3.20/doc/html/spec_38.html
Sendmail http://www.sendmail.org/~ca/email/starttls.html
_______________________________________________
Buug mailing list
Buug at weak.org
http://www.weak.org/mailman/listinfo/buug
--
Brian Sobolak
http://www.planetshwoop.com/
sobolak at myrealbox.com
More information about the buug
mailing list