Serverside Sign and Crypt E-Mails

Bernhard Reiter bernhard at intevation.de
Wed Apr 12 14:58:53 CEST 2006


Hi Giovanni,
this is getting slightly offtopic, but here are a few remarks.

Am Dienstag, 11. April 2006 18:43 schrieb Giovanni Baroni:
> Of course serverbased signing/encrypting isn't a very secure
> scenario.... but much better than nothing.
>
> I personally think.... if this sign/encrpytion/decryption process is
> transparent to the user.... more people would use it.

I doubt this to some extend as they might get a false feeling of security.
It would be better if as administrator you speak to the administrators
of the companies you exchange a lot of email with and add TLS for SMTP
between your MTAs.

> It's not very userfriendly to use this tools on the client. Also it
> depends on the client (outlook, thunderbird, webaccess....)
> It's also a horrorscenario for administrating this for all clients :(

I disagree as  after the Ägypten Project doing this with KDE is not harder
then to regularily install a KDE. It is quite user friendly.

> I think the acceptance of signing/encrypting and also of the Kolab
> solution could gain by automating this.

Because of the fear of lower security, because of false feeling for higher 
security, I am not yet fully convinced of this.

> ------
> Currently im trying gpg4win with toltec and konsec Konnektor.
> Toltec has problem to decrypt... no Problem to encrypt... but alot of
> stability disadvanteges.
>
> Konsec has problem to encrypt... no Problem to decrypt... run's stable
> in combination with the GPGol Plugin.

I suggest to send good feedback to the vendors, so they have a chance to 
improve their products.

Bernhard

-- 
www.kolab-konsortium.com  Professional Maintenance, Consultancy and Support.




More information about the users mailing list