[Djigzo users] prerequisite for encryption

Fri, 25 Mar 2016 05:31:02 -0700 

Hi,
I had several discussions with other vendors of mail encryption gateways and all told me that I'm wrong. But today Ciphermail did some thing I've predicted and proved that I was right. 

This is what I think, please correct me if I'm wrong:


For me s/Mime (like PGP) is a encryption system based on public and 
private keys. If some one has access to the public key he can encrypt 
some thing which only can be decrypted with the private key. So, when 
some one sends an s/Mime signed mail to me I should be able to send a 
encrypted mail to him even if I do not have a s/Mime certificate for my 
e-mail address on my system.



Exactly this happened on my site with Ciphermail. I have a s/Mime 
certificate for my e-mail addresses imported in Ciphermail and some one 
else sent a signed mail to me. With this mail Ciphermail stored the 
public key of the third party. When I mail to him Ciphermail does what I 
would expect and encrypts the mails. Yesterday a other mail user of my 
site which has no certificate in Ciphermail received a mail from exact 
the same person and replied. The reply got encrypted by Chiphermail 
despite the sender has no certificate imported to Chiphermail. This was 
what I would expect to happen.


Bravo Ciphermail! :-) And thank you Ciphermail! You proved me right!


I had a discussion with the support of an other encryption gateway and 
asked them, why mail sent to me from the other site got not encrypted 
despite the system recorded my signature with my public key. They told 
me that the mail do not get encrypted because the *sender* does not have 
a certificate imported to their system and that it is impossible to send 
s/Mime encrypted mails without a certificate for the *sender*.


And now Cipher mail did exactly that.


Please tell me: Is this a misbehavior of Ciphermail and does it not 
conform to the standard? I don't think so.



I think that when I use a MUA to send encrypted mail it is very 
important to have a certificate installed in the MUA because this is the 
only way to encrypt the mail to the recipient AND to myself so I'm also 
able to read what I've sent. But when a gateway doe the work it is not 
mandatory that the sender has a certificate to send an encrypted mail.


cheers
Matthias



--

MHC SoftWare GmbH

Fichtera 17                  
96274 Itzgrund/Germany   


voice: +49-(0)9533-92006-0
fax: +49-(0)9533-92006-6
e-mail: i...@mhcsoftware.de

HR Coburg: B2242
Geschäftsführer: Matthias Henze



_______________________________________________
Users mailing list
Users@lists.djigzo.com
https://lists.djigzo.com/lists/listinfo/users






















					Reply via email to