Great Circle Associates Firewalls
(September 1996) 		 
Indexed By Date: [Previous] [Next] Indexed By Thread: [Previous] [Next]
Subject: Re: 'secure' intranet mailreading?
From: Marc Mosko <marc @ tear . com>
Organization: Forte Systems
Date: Fri, 27 Sep 1996 14:03:37 -0700
To: silveira @ nutec . com . br
Cc: firewalls @ GreatCircle . COM
References: <52h5k6$pep @ srv1-mvw . nutec . com> <324c23ef . 101833501 @ 200 . 246 . 248 . 99> 
Perhaps you could just use Lotus Notes?  It can both encrypt the mail
(this is a user-by-user option for the mail server to automatically
encrypt all received mail with the users public key) and use an
encrypted IP channel between the client and server.  Already RSA-based,
pretty user friendly.  Does require a fat client, rather than just a
browser/POP client.

Works very well over the Internet.  I used it for about 2 years with my
previous company.  We only had a 56k line too.

silveira @
 nutec .
 com .
 br wrote:
> 
> On 27 Sep 1996 11:15:34 -0700, in listas.firewalls you wrote:
> >> Why not setup an encryption server .. all mail that needs to be
> >> encrypted can be addressed to this machine - encrypted - and then passed
> >> on to the mailing gateway/hub ...
> >> This is what we are talking about, right ?
> >No, not Realy. I'm talking about the Connection between the Central
> >POP-Server and the Desktop PCs. (Or, even worse Mail Reading from Outside
> >the Firewall).
> 
> People,
> 
> Suggestion: mail server receives Internet mail and encrypts it with
> recipients public key.
> 
> When the user contacts the POP server to receive his e-mail, it goes
> over the wire encrypted, and the POP client should decrypt it.
> 
> I know Pegasus Mail has an API for integration of crypto algorithms,
> and somebody already did a PGP Interface. Perhaps we could take it
> from there? We would need:
> - Modified mail server that receives e-mail and checks a key database
> for the recipients public key, encrypting it *before* placing on
> user´s mailbox
> - Stock POP server, since all it has to do is forward the encrypted
> mail to the user´s PC.
> - Modified client software that decrypts e-mail after receiving it
> from POP server. Pegaus would be a nice starting place.
> 
> Hope this helps.
> 
> Fernando
> 
> --
> Fernando da Silveira Montenegro       mailto:silveira @
 nutec .
 com .
 br
> Novas Tecnologias                     http://www.nutec.com.br
> Nutec Informatica
> Sao Paulo, SP, Brazil                 #include <std_disclaimer.h>

-- 
   Marc Mosko                   Email: marc @
 tear .
 com
                                Web:   http://www.tear.com/

   "If anyone knocks out another's eye, he shall pay him
   sixty-six shillings, six pence, and a third of a penny."
   -- Leges Henrici Primi (13th century)

           PGP Key available via Public Servers and
               http://www.tear.com/pgp-key.html
References:
Indexed By Date Previous: Re: SparcLinux/OS for a secure bastion host
From: long-morrow @ CS . YALE . EDU
Next: RE: IPsec
From: Gene Lee <genel @ inforamp . net>
Indexed By Thread Previous: Re: 'secure' intranet mailreading?
From: Greg Whalin <gwhalin @ numerix . com>
Next: Re: 'secure' intranet mailreading?
From: silveira @ nutec . com . br (Fernando da Silveira Montenegro)
Google
 
Search Internet Search www.greatcircle.com