>
> The ideal toolchain would I think be something like this.
>
> 1. End users generate a keypair (à la PGP) and publish public keys.
> 2. Bob uses MUA-level hooks to encrypt body of message using
> Carol's public key, signing the message with his private key.
> 3. MUA submits message to MTA using TLS-negotiated encryption, protecting
> SMTP header info in transit along with already encrypted message body.
> 4. Sender MTA delivers message to recipient MTA using similar TLS
> wire-level crypto to protect SMTP header info.
> 5. Recipient MTA delivers message; body remains encrypted.
> 6. Carol verifies her trust in Bob's public key.
> 7. Carol uses MUA-level hooks to decrypt Bob's message using her private
> key and verifying Bob's key as the sender. Only the in-memory version of
> the message is decrypted; the on-disk message remains encrypted.
>

Excellent technical breakdown. It showed me some things I know &
understand, a few things I don't and one thing I hadn't thought much about.
Thank you!
_______________________________________________
PLUG mailing list
PLUG@pdxlinux.org
http://lists.pdxlinux.org/mailman/listinfo/plug
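
An added example, not part of the original thread: a recipient-side check that steps 3 and 4 of the quoted toolchain really used TLS on each hop and that the body arrived PGP-encrypted. The message, host names and the `audit` function are constructed for illustration; the TLS markers are the RFC 3848 `with` keywords and the body check follows the RFC 3156 PGP/MIME content type.

```python
import email
import re

# Constructed sample (not from the thread): the submission hop lacks TLS.
SAMPLE = """\
Received: from mx.sender.example (mx.sender.example [192.0.2.10])
 by mx.recipient.example with ESMTPS id abc123;
 Mon, 1 Jan 2024 10:00:02 -0800
Received: from bob-laptop (unknown [198.51.100.7])
 by mx.sender.example with ESMTPA id def456;
 Mon, 1 Jan 2024 10:00:01 -0800
From: Bob <bob@sender.example>
To: Carol <carol@recipient.example>
Subject: lunch plans
MIME-Version: 1.0
Content-Type: multipart/encrypted; protocol="application/pgp-encrypted";
 boundary="b1"

--b1
Content-Type: application/pgp-encrypted

Version: 1

--b1
Content-Type: application/octet-stream

(constructed placeholder standing in for the PGP ciphertext)
--b1--
"""

# RFC 3848 "with" keywords that indicate the hop was protected by STARTTLS.
TLS_PROTOCOLS = {"ESMTPS", "ESMTPSA", "LMTPS", "LMTPSA"}

def audit(raw):
    """Report per-hop TLS use, body encryption, and headers left readable."""
    msg = email.message_from_string(raw)
    hops = []
    for received in msg.get_all("Received", []):  # newest hop first
        flat = " ".join(received.split())         # undo header folding
        m = re.search(r"\bby\s+(\S+).*?\bwith\s+(\S+)", flat, re.I)
        host, proto = (m.group(1), m.group(2).upper()) if m else ("?", "UNKNOWN")
        hops.append((host, proto, proto in TLS_PROTOCOLS))
    encrypted = (msg.get_content_type() == "multipart/encrypted"
                 and msg.get_param("protocol") == "application/pgp-encrypted")
    # Body encryption does not cover these; TLS only hides them in transit.
    exposed = [h for h in ("From", "To", "Subject") if msg[h]]
    return {"hops": hops, "body_encrypted": encrypted, "cleartext_headers": exposed}
```

Received lines are written by each relay and can be forged by an earlier hop, so treat the result as evidence about relays you trust rather than proof for the whole path.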
