Re: [Exim] server-side management of public keys?

Góra strony
Delete this message
Reply to this message
Autor: Kurt Lieber
Data:  
Dla: exim-users
Temat: Re: [Exim] server-side management of public keys?
Kurt Lieber said:
> OK, but we're talking about encrypting messages with people's public
> keys, so I don't see how an unauthenticated client could increase risk.
> Again, I'm talking about managing *public* keys server-side. I never
> said anything about private keys.


After I sent this message, I realized you were talking about digitally
signing of messages sent by internal people, where I was referring
primarily to encrypting messages destined to external recipients. I agree
that you absolutely need to have some strong authentication in place if
you start digitally signing outgoing messages, though I still think this
can be effectively managed server-side, when combined with the necessary
precautions like SMTP/TLS.

Anyway, just thought I'd clarify.

--kurt