Home page logo

fulldisclosure logo Full Disclosure mailing list archives

Re: SMTP Encryption (S/MIME) for Outlook question
From: "Volker Tanger" <volker.tanger () detewe de>
Date: Wed, 31 Mar 2004 11:20:48 +0200


On Tue, 30 Mar 2004 17:39:59 -0800 "Crist J. Clark"
<cristjc () comcast net> wrote:
Most email clients are pretty easy to use with respect to
S/MIME... Once you get the certificates installed. PKI. Managing
certificates for a decent-sized luser base is not fun.

And from our experience S/MIME standards are just standard within the
same product family. Outlook's S/MIME and Netscape's S/MIME won't work
together the last time we tried. 

What do other Win/Exchange/Outlook IT admins use for S/MIME?  

GnuPG (OpenPGP standard) ?

BTW, if there's something that will run on top of the SMTP gateway
server or the internal Exchange server to encrypt the message before
being routed to the Internet, this is also acceptable. 

A number of gateway servers. There is (was?) a software package from the
GnuPG group. There is the T/Bone gateway (at freshmeat - and from
http://www.bonelabs.com/). Utimaco has a crypto-gateway, too. 

Usually you'll want a single company-wide key when using a gateway to
ensure confidential mail across the internet. This way you'll have
plaintext emails via LAN though - if not using TLS.


Volker Tanger
ITK Security

Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]