[Top] [All Lists]

Re: [ietf-smtp] guidance on how to secure against sniffing and paid backdoors

2013-09-18 14:40:20
The issue is - how do I know that the mail server I am sending the message to is the one I should be sending the message to? If I don't know that with a good degree of certainty, then using TLS won't achieve security, because I could simply be dumping my messages on a compromised server.

DNS, IP addresses and certificates could all be subverted by a government at a 'choke point' such as an international link.

Which is exactly what's already happening in many countries, e.g., Syria. Go ahead and use TLS all you want -- it won't help, because all the servers to which you can get IP-level connectivity are government run.

ietf-smtp mailing list

<Prev in Thread] Current Thread [Next in Thread>