Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Security Basics: RE: Encrypted emails

RE: Encrypted emails

From: Locher Thomas <Thomas.Locher_at_swarovski.com>
Date: Fri, 11 Mar 2005 09:09:33 +0100

On a presentation i heard something about an appliance that encrytps mails
on the gateway. Maybe this would be an option...

http://www.pgp.com/products/universal/index.html

-----Original Message-----
From: Vinay Patel [mailto:vin1414_at_gmail.com]
Sent: Donnerstag, 10. Marz 2005 22:02
To: security-basics_at_securityfocus.com
Subject: Re: Encrypted emails

John,

Depending on the size of the organization, developing a PKI
infrastructure should not be an unmanageable "nightmare".

>From a deployment perspective, once you have established the key
components of a PKI, user enrollment and certificate management would
be a trivial challenge, especially using the tools provided by several
commercial vendors.

Using PKI, Integration of digital signature and encryption with
traditional email clients is well tested. If you have a new
partner/customer, a trust relationship needs to be setup only between
the root CAs, hence, the users would never need to configure any
additional keys or trusts.

On the downside of PKI is cost (assuming use of Commercial) and some
learning curve of the product, although the latter affects only the
administrator and not the users.

-V

On Wed, 9 Mar 2005 13:29:35 -0800 (PST), John Madden
<chiwawa999_at_yahoo.com> wrote:
> Hi,
>
> Looking at the potential deployment and solutions for
> encrypted emails i had a few questions.
>
> What do large organization do to ensure that email are
> securely transfered with a partner/customer for
> sensitive data ?
>
> Using public/private keys seems like a whole lot of
> problems...
>
> - How do you exchange keys ? Manually ? This might be
> ok for a couple of recipient but can you imagine
> hundreds/thousunds at different companies...
>
> - PKI, having to deal with the infrastructure could be
> a nightmare.
>
> - Employees learning curve....
>
> Are companies using an encryption software that will
> encrypt the messages/attachments and transmit the
> password to decrypt by phone ?
>
> I would like your comments/suggestions.
>
> Thanks
>
> John
>
>
> __________________________________
> Celebrate Yahoo!'s 10th Birthday!
> Yahoo! Netrospective: 100 Moments of the Web
> http://birthday.yahoo.com/netrospective/
>
Received on Mar 11 2005

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]