[Discuss] email privacy/security
Richard Pieri
richard.pieri at gmail.com
Mon Aug 5 11:30:47 EDT 2013
Tom Metro wrote:
> But S/MIME encryption is better than either.
No, it's not IF you value privacy. First problem with S/MIME is that it
depends on a certificate authority to issue X.509 certificates. We all
know how uncompromisable these are. Second problem with S/MIME is that
it's still susceptible to traffic analysis (I HATE the use of
"metatdata" for this because it isn't metatdata). "They" may not know
what you're saying but they know who you're saying it to, when, and how
often.
That said, it's not so much about valuing privacy (or anonymity) as it
is how much you value it. Sometimes traffic analysis is an acceptable
situation. For example, when I had to communicate with Rohr it was
effectively public knowledge: they were a contractor for the Venture
Star programme and we were specified as a software provider for the
programme. Anyone who cared could find that out easily enough. Keeping
the data private was the important thing.
--
Rich P.
More information about the Discuss
mailing list