On Fri, Jul 24, 2009 at 09:39:25PM +0100, Frank Leonhardt (t200...@fjl.co.uk) wrote:
> > How much good do your locks do when police comes and wants to
> > confiscate your servers because they suspect one of your users
> > has done something criminal? Do you trust they take as good care
> > of the machines as you do?
>
> How do you know I'm *not* the Police?

I don't. But I do know dovecot is being used by people who are not, and probably also some who have a reason to distrust the police.

> We're in very interesting territory here, and it's going to depend on your
> local laws. In England the police are pretty okay

Sure. Ditto in Finland. But not everywhere.

> In England, if you can't decrypt the data it can be a bit awkward
> (RIPA)

In some places it could save many people from torture and death. (There are situations where the *good* option is having just yourself tortured to death because you *can't* decrypt the data.)

OK, that's a bit extreme, but it's not hard to imagine more common scenarios where being able to just delay the decryption could be useful.

> [...] the rogue administrator ought to be able to circumvent encryption
> anyway - if it's whole disk it's effectively not encrypted.

Whole-disk encryption is ineffective against rogue admins, yes - only application-level encryption (decrypting in client) helps there. But whole-disk encryption is useful against untrustworthy police and burglars, even when application encryption is also being used in the way being discussed, where only message content is encrypted: logs and header information and the like can be critical, too.

> The main reason I'd be in favour of application-based file encryption is to
> get around the fact that whole-disk encryption is meaningless as protection
> from the operator - if the operator is dodgy (or someone's bypassed
> security) then they can read the mail files just as easily as everything
> else. If the files themselves are encrypted then access to the running
> system won't reveal their contents (although it would help).

I'm in favour of both whole-disk and application-based encryption. They complement each other, neither makes the other useless.

--
Tapani Tarvainen