[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]
On 14/01/15 07:29, peter walker wrote: > > > On 14/01/2015 06:29, Mark Evans wrote: > >>> If the high street banks had got together and agreed that encrypted >>> email was the way to go then we could all communicate with them securely >>> without the need for other programs/web pages. As the banks all want >>> proof of id for everything (often in person) then they would have been >>> in an ideal situation to kick off some key signing. > >> The obvious problem is that many people use webmail run by foreign >> companies. Protecting keys (and passphrases) from such entities is a non >> trivial task. > True. I hadn't considered that. JavaScript PGP would help but only from > your own device. There again, why would you check sensitive email from > an untrusted machine? The point with webmail is that the untrusted machine is that running the webmail service. Whereas using IMAPS, especially with a certificate which won't be blindly trusted by the client, means that it's possible to ensure that keys, passphrases and plaintexts are secure.
Attachment:
signature.asc
Description: OpenPGP digital signature
-- The Mailing List for the Devon & Cornwall LUG http://mailman.dclug.org.uk/listinfo/list FAQ: http://www.dcglug.org.uk/listfaq