Well, one addition. With standard POP, the password is sent cleartext.
It would be nice to find a way to establish a secure encrypted chanel
before the password is sent. This would entail some sort of SSL POP
client (or something similar).
Greg
--------------------
Greg Whalin
gwhalin @
numerix .
com
On Fri, 27 Sep 1996 Fernando .
da .
Silveira .
Montenegro @
nutspgw .
nutec .
com .
br wrote:
> On 27 Sep 1996 11:15:34 -0700, in listas.firewalls you wrote:
> >> Why not setup an encryption server .. all mail that needs to be
> >> encrypted can be addressed to this machine - encrypted - and then passed
> >> on to the mailing gateway/hub ...
> >> This is what we are talking about, right ?
> >No, not Realy. I'm talking about the Connection between the Central
> >POP-Server and the Desktop PCs. (Or, even worse Mail Reading from Outside
> >the Firewall).
>
> People,
>
> Suggestion: mail server receives Internet mail and encrypts it with
> recipients public key.
>
> When the user contacts the POP server to receive his e-mail, it goes
> over the wire encrypted, and the POP client should decrypt it.
>
> I know Pegasus Mail has an API for integration of crypto algorithms,
> and somebody already did a PGP Interface. Perhaps we could take it
> from there? We would need:
> - Modified mail server that receives e-mail and checks a key database
> for the recipients public key, encrypting it *before* placing on
> user´s mailbox
> - Stock POP server, since all it has to do is forward the encrypted
> mail to the user´s PC.
> - Modified client software that decrypts e-mail after receiving it
> from POP server. Pegaus would be a nice starting place.
>
> Hope this helps.
>
> Fernando
>
> --
> Fernando da Silveira Montenegro mailto:silveira @
nutec .
com .
br
> Novas Tecnologias http://www.nutec.com.br
> Nutec Informatica
> Sao Paulo, SP, Brazil #include <std_disclaimer.h>
>
References:
|
|
