[113870] in cryptography@c2.net mail archive
Re: SSL/TLS and port 587
daemon@ATHENA.MIT.EDU (Ed Gerck)
Wed Jan 23 16:22:32 2008
Date: Wed, 23 Jan 2008 06:27:39 -0800
From: Ed Gerck <edgerck@nma.com>
To: Bodo Moeller <bmoeller@acm.org>
CC: Cryptography <cryptography@metzdowd.com>
In-Reply-To: <47015c2b0801222150s55ce5277l84bd7e88e9baf64@mail.gmail.com>
Bodo Moeller wrote:
> You don't take into account the many users these days who use wireless
> Internet access from their laptop computers, typically essentially
> broadcasting all network data to whoever is sufficiently close and
> sufficiently nosy.
Yes. Caveats apply but SSL/TLS is useful and simple for this purpose.
> Of course using SSL/TLS for e-mail security does
> not *solve* the problem of e-mail eavesdropping (unless special care
> is taken within a closed group of users), but it certainly plays an
> important role in countering eavesdropping in some relevant scenarios.
The problem is when it is generalized from the particular case where
it helps (above) to general use, and as a solution to prevent wireless
wiretapping. For example, as in this comment from a data center/network
provider:
-------------
Now, personally, with all the publicly available info regarding
warrantless wiretapping and so on, why any private communications should
be "in the clear" I just don't know. Even my MTA offers up SSL or TLS to
other MTA's when advertising its capabilities. The RFC is there, use it
as they say.
-------------
Cheers,
Ed Gerck
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
