tack <[EMAIL PROTECTED]> wrote: >an issue was raised about the availability of ssl based logins and >transport. my comment on that was to rely on client based payload >encryption, and an authentication scheme where passwords do not traverse >the network. PGP and kerberos can do that. In place of kerberos, you >could use a one time password scheme like securID or OPIE.
The problem is the lack of widespread support for kerberos. At least TLS is available in the dominant (sigh!) email readers. It's just not available from the majority of regular ISPs. >In general, having decent mail authentication and transport security is a >problem for everybody, not just wireless. The clients and protocols for >across the board improvement such that availibility doesn't suffer exist, >be it SSL/TLS or some other system and I feel the largest barriers to >implementation are political and educational. Indeed. The nature of the work we do is that we have to routinely send reports to customers securely. We've been using PGP with some success but have hit several large companies where a) PGP is banned or b) they routinely bar emails with attachments. We're never going to get there with these sort of blanket policies. I guess it's just possible that the popularity of WiFi and the attendant increased awareness of security risks might change this. -- Julian Bond Email&MSM: [EMAIL PROTECTED] Webmaster: http://www.ecademy.com/ Personal WebLog: http://www.voidstar.com/ CV/Resume: http://www.voidstar.com/cv/ M: +44 (0)77 5907 2173 T: +44 (0)192 0412 433 -- general wireless list, a bawug thing <http://www.bawug.org/> [un]subscribe: http://lists.bawug.org/mailman/listinfo/wireless
