[ Date Index ][
Thread Index ]
[ <= Previous by date /
thread ]
[ Next by date /
thread => ]
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Friday 21 June 2002 6:51 pm, Adrian Midgley wrote:
I don't entirely like that.
yes, this is true - however, i'm analy retentive about things like credit card numbers, user detaills (name, address, phone number), passwords, etc.. silly users send our support things like this on a regular occasion, and although i trust my security, you can *never* be too secure. I rmember doing some work for a dot com that stored credit cards in a very secure database, on a sepreate network, only connected via a serial cable to the webserver (like we do), but one day, someone walked away with the server. ok, it wasn't hosted in telehouse, and they were silly not to have bars on the server room, but it's an often overlooked thing. what would happen if someone who lived in plymouth broke into my house, stole my mail server (after they have fought my 3ft tux that guards it ;p) and booted up using a rescue disk, then found all my emails?
There is a lot of scope for a building to building or department to department (or Practice to Hospital/Consultant's office) automatic encryption and signing thing built into the MTA, but for individual users, there should really be an _action_ of signing.
signing, *deffinatly* i would never ever ever allow mail to be signed automtically on a mail server, it makes the whoele point of it useless. However one way encryption using a public key can be very useful. plus, many customers don't like the idea we *could* (although never do) read their mail. ~ Theo - -- Theo Zourzouvillys http://zozo.org.uk/ Soap and education are not as sudden as a massacre, but they are more deadly in the long run. -- Mark Twain -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (GNU/Linux) iD8DBQE9E6EN448CrwpTn6YRAim5AJ0ZCfkAfNx16ZxeNLNwr6eBejxFjgCbBnVW 39w/wN7VLqZlnT0u5Yl7aLg= =9jO9 -----END PGP SIGNATURE----- -- The Mailing List for the Devon & Cornwall LUG Mail majordomo@xxxxxxxxxxxx with "unsubscribe list" in the message body to unsubscribe.