Victor Duchovni wrote:
On Sat, Nov 18, 2006 at 08:17:13AM -0700, Bear Giles wrote:
(Aside: why would an organization insist on internal cleartext? One big
cause is sexual and racial harassment complaints. Settlements routinely
require the organization to monitor all email for offensive content.)
This applies to encrypting email content (S/MIME, PGP, ...), but not to
use of TLS, which only leaves the delivered email in the clear.
According to the sendmail docs:
"privacy/confidentiality: the transmission of an e-mail between a client
and server utilizing STARTTLS can not be read and retranslated into
plaintext provided a sufficiently secure ciphersuite has been negotiated."
Reference:
http://www.sendmail.org/~ca/email/starttls.html
-Brian
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
