Victor Duchovni wrote:
On Sat, Nov 18, 2006 at 11:13:45AM -0500, Brian Thompson wrote:
This applies to encrypting email content (S/MIME, PGP, ...), but not to
use of TLS, which leaves the delivered email in the clear.
According to the sendmail docs:
"privacy/confidentiality: the transmission of an e-mail between a client
and server utilizing STARTTLS can not be read and retranslated into
plaintext provided a sufficiently secure ciphersuite has been negotiated."
This is silly. Note the word *transmission*. Email supervision does not
require clear-text transmission, because it is done against stored data,
not eavesdropped network packets. Over and out.
Hardly. You're trying to treat potentially legal problems as purely
technical ones. Organizations hauled into court can't always say "trust
me", and organizations may want to quietly use outside consultants if
they're investigating/monitoring their own IT departments.
Then there's the whole "cryptography is illegal in the People's Republic
of Freedonia" factor....
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
