Date: Wed, 6 Aug 2008 09:48:25 +0800 From: "Mohamad Faizul Zulkifli" <mypiju@gmail.com> To: "FreeBSD Questions Mailing List" <freebsd-questions@freebsd.org> Subject: Re: OT: encrypted email using web based application Message-ID: <1de16aa10808051848l6b45539dgf1939b631a0ecd87@mail.gmail.com> In-Reply-To: <20080731205033.GA6805@kokopelli.hydra> References: <d356c5630807300514pa9d94adl1e257d51ce8c1650@mail.gmail.com> <4890694A.9030607@lvor.halvorsen.cc> <20080731205033.GA6805@kokopelli.hydra>
next in thread | previous in thread | raw e-mail | index | archive | help
how about squirrelmail and horde ? On Fri, Aug 1, 2008 at 4:50 AM, Chad Perrin <perrin@apotheon.com> wrote: > On Wed, Jul 30, 2008 at 03:14:50PM +0200, Svein Halvor Halvorsen wrote: > > Andrew Gould wrote: > > > If I start with Subject line with the word "secure" using my work's > email > > > system, the email is sent to a secure, web based application where the > > > recipients can view the message securely. The recipients receive a > message > > > that a secure email message is waiting for them there. They have to > create > > > an account based upon their email address to view the message. They do > not > > > have to recreate the accounts for future messages. > > > > > > This system is easy to use; and we don't have to worry about whether > the > > > recipients have PGP or GPG. Is there an open source application that > does > > > this? > > > > How is this secure? Ok, I can see that if the message is served over > > https, then the network packages themselves cannot be sniffed > > easily. But as long as the recipient did not give you the key to > > use, then this is not secure. Why should the recipient trust the server? > > > > Whether there is an open source solution, I don't know however. > > It depends on your definition of "secure" -- which can vary from one > circumstance to another. If the emails in question are "company > property", there's no reason to consider access to the emails by company > officials a breach of security. On the other hand, if sensitive company > information is sniffed in plain text on the network, that could be > disastrous. > > From the sound of it, the circumstances the OP described refer to such a > situation -- one where strict person-to-person privacy isn't a necessary > goal of relevant security concerns. > > -- > Chad Perrin [ content licensed PDL: http://pdl.apotheon.org ] > Scott McNealy: "Microsoft is now talking about the digital nervous > system. I guess I would be nervous if my system was built on their > technology too." > -- Mohamad Faizul Zulkifli http://piju.fakap.net/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1de16aa10808051848l6b45539dgf1939b631a0ecd87>