[2308] in linux-security and linux-alert archive
[linux-security] Re: SUMMARY: IMAP security across the net
daemon@ATHENA.MIT.EDU (Daniel Zen)
Wed Feb 16 02:43:28 2000
Message-ID: <38AA1097.A94F90B3@zendigital.com>
Date: Tue, 15 Feb 2000 20:51:03 -0600
From: Daniel Zen <daniel@zendigital.com>
MIME-Version: 1.0
To: Blair.Lowe@compeng.net
CC: linux-security@redhat.com
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Resent-From: linux-security@redhat.com
I just want to say that the compilation of answers on reading IMAP
e-mail securely was excellent. I currently read my IMAP mail through an
SSH tunnel, but have always wanted to use the built in encryption in the
e-mail clients, and I am in the process of setting it up based on your
message.
However, being a little excessive, I want to go even further. I imagine
e-mail being delivered and then encrypted with a public key before being
placed in my IMAP folders.
Then when I go to read my e-mail, I connect over SSL and my password
unlocks a private key which is (relatively) well encrypted on the
server, decrypts my e-mail before it sends it to the client. Of course
any content that is cached in the e-mail client is insecure, but the
large amount of archived e-mail I have on the server is both accessible,
and (relatively) safe even if my system is comprimised.
This is a a bit theoretical, but I was wondering if you thought there
was a way to configure my server to do this without writing a lot of
source code. Also can I have opinions as to whether this enhances my
security, or if there is a way (without going too far overboard) to
enhance it even further, and still give me the flexibility to use a
standard e-mail client. My goal is to prevent even someone with root
access from reading e-mail on my machine.
Thanks again for your efforts. I have installed OpenSSL and am reading
through the documentation now.
Daniel Zen
--
----------------------------------------------------------------------
Please refer to the information about this list as well as general
information about Linux security at http://www.aoy.com/Linux/Security.
----------------------------------------------------------------------
To unsubscribe:
mail -s unsubscribe linux-security-request@redhat.com < /dev/null
