On Sun, Oct 24, 2010 at 11:22:24AM +0200, martijn.list wrote:

> > Just use opportunistic TLS on both ends and go.
>
> It depends on the requirements whether TLS is good enough. It's not
> always possible to be 100% certain that the complete route is TLS
> protected. All intermediate servers should protect the message with TLS
> and this is something the sending server cannot enforce. For example if
> you are using fallback SMTP servers hosted by some external company in
> case of problems how can you be 100% certain that the email is TLS
> protected?

The "secure" and "fingerprint" TLS security levels address this issue.

> If your requirements are such that you must be 100% certain that your
> email is protected all the way, you should protect the message, not just
> the channel.

No, protecting the channel is quite sufficient, and by far the simplest
approach, if the goal (as stated) is secure delivery between two sites.

-- 
Viktor.
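As an added illustration (not part of Viktor's message or the Postfix documentation), the two security levels he names applied per destination from a Postfix main.cf plus policy table; the domains, MX hostname, CA bundle path and the certificate digest are placeholders.

```conf
# /etc/postfix/main.cf  (added example, placeholder values)

# Default for everyone else: opportunistic TLS, fall back to cleartext.
smtp_tls_security_level = may

# CA bundle used to verify server certificates at the "secure" level.
smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt

# Digest algorithm for "fingerprint" entries in the policy table.
smtp_tls_fingerprint_digest = sha256

# Per-destination overrides, keyed by next-hop domain.
# Rebuild the indexed file after editing:  postmap /etc/postfix/tls_policy
smtp_tls_policy_maps = hash:/etc/postfix/tls_policy


# /etc/postfix/tls_policy  (added example, placeholder values)
#
# "secure": TLS is mandatory and the peer certificate must chain to a
# trusted CA and carry one of the listed names. A fallback relay at an
# external provider that presents some other certificate is refused, and
# the mail stays queued instead of leaving the site unprotected. Only
# this hop is verified; what the receiving site does internally is
# outside the sender's control.
partner.example          secure match=mx.partner.example:.partner.example
#
# "fingerprint": TLS is mandatory and the peer certificate must match a
# pinned digest; no CA is involved, so a self-signed certificate works.
# The digest below is a PLACEHOLDER; take the real one from
#   openssl x509 -in cert.pem -noout -fingerprint -sha256
# Several digests may be listed, separated by "|", for key rollover.
other-partner.example    fingerprint match=AA:BB:CC:DD:EE:FF:00:11:22:33:44:55:66:77:88:99:AA:BB:CC:DD:EE:FF:00:11:22:33:44:55:66:77:88:99
```

With either level, a verification failure defers the message rather than downgrading the connection, which is what makes the channel protection enforceable from the sending side.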