Author: Bill Hacker Date: To: 'Exim User's Mailing List' Subject: Re: AW: [exim] Securing Email for the prying eyes of any government
Steffen Heil wrote:
> Hi
>
>
>>The "existing techiques" are in fact to use end-to-end
>>encryption by using the likes of PGP.
>>
>>Really. The world _MUST_ change in order to implement this
>>level of security.
>>
>>There is no other proper security technique available which
>>meets your stated needs. Period.
>
>
> There IS another security technique (which is the same behind the scenes)
> which is as secure. It is S/MIME. It works as well as PGP but is easier for
> key verification.
> I do not understand why so many people prefer to use propietary gpg or pgp,
> when s/mime is available for such a long time.
>
> Regards,
> Steffen
>
One answer to that may be:
'because Microsoft chose to break S/MIME but hasn't been as capable of
breaking gpg/pgp'.
Too many clients are MS to ignore that, and too many more serious
security holes are tolerated by those who use such clients.
Further, neither business nor home users can (so far) be bothered with
the nuisance/overhead of *any* form of encryption, MS-client or otherwise.
ESMTP, STARTTLS, SSL/TLS in general, and some of IPV6's features, OTOH,
are helpful largely because they are transparent to the end-user. 'No
effort required' is the 'standard'.... if there is a standard.....
