| home | help | back | first | fref | pref | prev | next | nref | lref | last | post |
Date: Thu, 9 Sep 1999 10:08:05 -0400 Message-Id: <199909091407.KAA10278@domains.invweb.net> From: "William H. Geiger III" <whgiii@openpgp.net> To: Multiple recipients of list <cypherpunks@openpgp.net> Reply-To: "William H. Geiger III" <whgiii@openpgp.net> In <v04210127b3fc5d48cdf8@[204.167.108.57]>, on 09/08/99 at 03:09 PM, Robert Hettinga <rah@shipwright.com> said: >Privacy Concerns - >http://www.angelfire.com/biz/privacyconcerns/index.html >The Park to Offer Secure Web-based E-mail -- Privacy Assured Through >Automatic Encryption That is Transparent to Users > > SAN FRANCISCO--(BUSINESS WIRE)--Sept. 8, 1999--The Park, a global >Internet community, which has attracted approximately 40 million visitors >from 86 countries since it was founded in 1994, will add advanced >encryption software to its servers by month-end, which will allow >visitors to its site to send totally secure and private Web-based e-mail. > > Called ParkMail, the new secure e-mail service will be free at >www.the-park.com. The security will run automatically in the background, >and be completely transparent to users. > > Current e-mail messages from ISPs and Web portals can easily be >intercepted and read. ParkMail uses advanced RSA encryption software, >which automatically encrypts all messages, including attached text and >graphic files, at the Park's servers before they are distributed. > > "While there are several encryption programs that can be >downloaded, they require the user to go through a series of steps to >encode each message. They aren't automatic or transparent," noted The >Park's Founder, Brent Hunter. "This will give anyone who visits our site >complete security to send private messages and sensitive private or >corporate information via e-mail at The Park without fear of being >intercepted." Well I couldn't find any additional information at their website but it sounds to me that they are using simple point-to-point encryption via SSL: User A connects via SSL to the Web based mail account. Creates his e-mail message. "sends" it to User B (actually it just gets put into User B's mailbox at the site). User B connects via SSL to the Web Based mail account. Retrieves his e-mail messages. Their may be some file encryption of the stored messages. They could accomplish end-to-end encryption but this would require the user to generate his own keys, perhaps using a Java plugin. It is rather hard to tell what they are doing from the above press release but I seriously doubt it is something I would want to trust sensitive data to. I really do find depressing the SOP of so called "reporters" to just blindly regurgitate press releases as "news". -- --------------------------------------------------------------- William H. Geiger III http://www.openpgp.net Geiger Consulting Cooking With Warp 4.0 Author of E-Secure - PGP Front End for MR/2 Ice PGP & MR/2 the only way for secure e-mail. OS/2 PGP 5.0 at: http://www.openpgp.net/pgp.html Talk About PGP on IRC EFNet Channel: #pgp Nick: whgiii Hi Jeff!! :) ---------------------------------------------------------------
| home | help | back | first | fref | pref | prev | next | nref | lref | last | post |