[linux-elitists] Casual Encryption

Joseph Barillari joseph+lineli@barillari.org
Fri Jul 12 17:55:21 PDT 2002


>>>>> "ATP" == Aaron T Porter <atporter@primate.net> writes:

    ATP> On Fri, Jul 12, 2002 at 06:26:39PM -0400, Joseph Barillari
    ATP> wrote:
    >> The last hop of POP or IMAP is usually encrypted, because
    >> last-mile intranets are most accessible and vulnerable to
    >> casual sniffing.

    ATP> 	There's absolutely no reason for that. Call your ISP
    ATP> and demand IMAP-SSL or POP3s. Most MTA's support it these
    ATP> days, even Microsoft! I moved all my users to IMAP-SSL back
    ATP> in December and I haven't had a single complaint. Got people
    ATP> using Eudora, Mozilla, Pine, Evolution, Fetchmail and
    ATP> Outlook.

I think you misinterpreted my meaning. I was drawing a contrast
between encrypted mail-fetching protocols, which are quite universal,
and _are_ supported by my school/ISP, versus encrypted mail transport,
like SMTP with TLS, which is less widespread. I'm interested in the
latter.

Needless to say, I have bothered the IT team about it. The question
is: as a sysadmin, what would persuade you to adopt a technology that
provides only a marginal increase in security?

--Joe
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 258 bytes
Desc: not available
Url : http://allium.zgp.org/pipermail/linux-elitists/attachments/20020712/25c60abc/attachment.pgp 


More information about the linux-elitists mailing list