-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Thu, Jul 16, 2009 at 12:51:32AM -0700, Seth Mattinen wrote:
[...] > Encrypting with a public key is completely reasonable, but for proper > security, the decryption should only take place on the client's trusted > workstation with their private key. Hear, hear! Let me state it again: nothing is gained with server-side *de*cryption which can't be achieved more easily with disk encryption. Werver-side encryption is another thing... Yes, Seth, I'm just paraphrasing you, but this is so important (and often forgotten) that it cannot be over-emphasised. And the infrastructure for that is already there: gpg-encrypt every mail on delivery with the users public key. The user's MUA should take care of the rest. Alas, (server-side) full text search goes out of the window with that (unless there is a clever scheme to do some indexing without giving away too much info, but there I reached the limit of my knowledge :) Regards - -- tomás -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFKXvyMBcgs9XrR2kYRAijYAJ4nIteX/70MmvpEIeHILbqNictHjACeLAv+ xzTTkbTbhGUdG9HYDItXioI= =JstP -----END PGP SIGNATURE-----
