"A great deal of highly sensitive internal
email flows over these links, with the encryption totally transparent
to the end-users."
This is an interesting issue...how much information can be gleaned from encrypted "payloads"? Is it possible for a switch or whatever that has visibility up to layers 4/5/6 to determine (at least) what type of file is being sent? Can it determine at what layer encryption was performed? (These may be obvious to many of you, but I can only claim expertise in layers 0/1, and pieces of 2. Ok, I have a working knowledge of 3.) It may be possible for hardware that examines large numbers of communiques to pre-determine that much is of no interest.
From: "Trei, Peter" <[EMAIL PROTECTED]> To: [EMAIL PROTECTED], "'Tim May'" <[EMAIL PROTECTED]> Subject: RE: What email encryption is actually in use? Date: Mon, 4 Nov 2002 09:37:59 -0500> Tim May[SMTP:[EMAIL PROTECTED]] > > > On Saturday, November 2, 2002, at 08:01 PM, Tyler Durden wrote: > > > "Prior to that, the encrypted email I've sent in the past year or so > > has almost always failed, because of version incompatibilities," > > > > While in Telecom I was auditing optical transport gear, and we adopted > > the practice of encrypting all of our audit reports to vendors. Of > > course, the chance of there being an eavesdropper (uh...other than > > NSA, that is) was a plank energy above zero, but it gave the vendors > > the imporession we really cared a lot about their intellectual > > property (if we determined a problem with their equipment, and if that > > info ever leaked, it could have a major impact on them). > > When I was at Intel we sent our designs for microprocessors to European > branches and/or partners. One set of designs sent to MATRA/Harris, a > partner in the 80C86, was stolen in transit. (The box of tapes arrived > in Paris, but the tapes had been replaced by the suitable weight of > bricks.) > I suspect that there is a fair amount of encrypted mail flowing over the net which is not obvious to ISPs. It's internal mail of large corporations. Many corps maintain VPNs between their offices, with encryption handled at the firewall. A great deal of highly sensitive internal email flows over these links, with the encryption totally transparent to the end-users. Of course, this is just internal stuff. The external mail is as open as everyone's been saying. Peter Trei
_________________________________________________________________
Choose an Internet access plan right for you -- try MSN! http://resourcecenter.msn.com/access/plans/default.asp
