Re: On email and web security

On 14/01/2016 7:25 AM, "Doug Royer" <douglasroyer(_at_)gmail(_dot_)com> wrote:


On 01/13/2016 08:03 AM, Phillip Hallam-Baker wrote:

...
On 01/12/2016 06:27 PM, Phillip Hallam-Baker wrote:


That is precisely the point. With proxy re-encryption 'recryption' you
do not need to trust the mailing list server. Only the list admin
needs to be trusted with the master decryption key.


And you would have to trust the mailing list software verified that the
incoming email was encrypted, and by a trusted source, and only accepted
encrypted email.

If the list server accepted unencrypted email, encrypted it with the
lists key, would anyone be able to tell?


If it comes in plaintext, nothing stops the server (algorithmically or
morally) from adding a header or some body text that says "I encrypted
this, but before that it was clear"

At least then the recipients would know the message they received is the
one the list server distributed, even if not the original author.

<Prev in Thread]	Current Thread	[Next in Thread>
Re: On email and web security, (continued) Re: On email and web security, Dave Cridland Re: On email and web security, Doug Barton Re: On email and web security, John Levine Re: On email and web security, Doug Barton Re: On email and web security, John Levine Re: On email and web security, Doug Barton Re: On email and web security, Phillip Hallam-Baker Re: On email and web security, George Michaelson Re: On email and web security, Phillip Hallam-Baker Re: On email and web security, Doug Royer Re: On email and web security, Matthew Kerwin <= Re: On email and web security, Doug Royer

Previous by Date:	Re: On email and web security, Doug Royer
Next by Date:	yang model easy editor, Hosnieh Rafiee
Previous by Thread:	Re: On email and web security, Doug Royer
Next by Thread:	Re: On email and web security, Doug Royer
Indexes:	[Date] [Thread] [Top] [All Lists]