[Discuss] Secure Email

Dan Ritter dsr at randomstring.org
Wed May 13 06:56:55 EDT 2015


On Wed, May 13, 2015 at 12:34:36AM -0400, Greg Rundlett (freephile) wrote:
> I'm considering email service* for my domain and wonder if anyone has
> experience with Hushmail, S-Mail or Kolab Now?
> 
>    - http://www.s-mail.com/inf/1/users.shtml.en
>    - https://www.hushmail.com/hushmail-business/
>    - https://kolabnow.com/moving
> 

You'll have to define what you want. In my experience, the
problems with things called "secure email" are:

- People at the other end can't/don't use it, thus rendering it
pointless.

- You are unlikely to be able to use it with normal email tools

- Traffic analysis still works against it

-  Sometimes it's not really email. It's a proprietary message
database with an http/s frontend, that sends little email notices saying
that you have a message, please log in. That's both a SPOF and a
trust requirement.


If you ignore usability and traffic analysis, PGP/GPG encrypted
bodies are probably best.

If you can't ignore usability, I don't know that there's
anything useful.

-dsr-



More information about the Discuss mailing list