Open Source Applications Foundation

[Design] submission for specs.

Simon Mon, 21 Oct 2002 18:37:40 +0100 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

'Lo petite_abeille,

On  Mon, 21 Oct 2002 18:02:48 +0200 your time, you authored this:

p> I'm always very puzzled when people start to make a big deal of email
p> "security". There is no such thing. Email, by its very nature, is more
p> or less public. What's is the point of providing strong encryption and
p> convoluted password schema when the entire message loop is not secure?
p> It sounds like being extra careful to lock the front door, when the
p> entire house if fully open.

Well  I  disagree and agree. Encryption IMO is analogous to sending a letter
in  an  envelope and using a tamperproof seal to secure it and protect it on
its journey whereas nonencrypted messages are analogous to simply sticking a
postcard  in  the  mailbox.  IOW,  it  entirely depends on the nature of the
communication  as to how *you* decide to send it; encrypted or not encrypted
is  a  personal  choice based on the nature of communications. Envelopes and
seals  were  implemented  to carry private messages after letters were born,
just  as  encryption  is implemented now to keep mail private on its journey
from  sender  to recipient. Whether the journey is insecure is not the point
really.

I don't care at all if someone intercepts my encrypted email after I've sent
it.  And  if they are interested in my email postcards then so be it. Before
my  private  email  hits  any  remote  SMTP it's tight and secure using PGP,
without  taking  advantage  of  any  other security measures on the way. The
vulnerability  isn't  the  journey,  but any local threat that there may be,
like keyloggers, etc.


- --
Slán,

 Simon @ theycallmesimon.co.uk

__________________________________________
PGP Key: http://pgp.theycallmesimon.co.uk/

-----BEGIN PGP SIGNATURE-----
Comment: Privacy is freedom. Protect your privacy with PGP!
Comment: KeyID: 0x5C7E8966
Comment: Fingerprint: 851C F927 0296 FF1C 70A2  474F CB6E 6FFE 5C7E 8966

iQA/AwUBPbQ7ZMtub/5cfolmEQJ76gCfWhl0lbDIGOz5X7YWP3yKsjfRPccAoKOL
0dL7LE+L8DQ7IqsGlAK+evqM
=zbeS
-----END PGP SIGNATURE-----