[OT] CLI for noobies: The keys to GnuPG

R. Hirschfeld yellowdog-general@lists.terrasoftsolutions.com
Fri Jul 2 03:52:01 2004


Clint,

> Date: Thu, 01 Jul 2004 20:58:49 -0500
> From: Clinton MacDonald <clint.macdonald@sbcglobal.net>

> > You can get opportunistic transport-level encryption of email by
> > enabling STARTTLS in your MTA.
> 
> I don't know what any of this means, but it sounds as if I would have to 
> be my own ISP for this to be effective. Certainly, I would be unable to 
> send an encrypted e-mail to my Mom with this technology unless her 
> e-mail client already had the guts of it enabled. And, what if Mom were 
> an AOL user?

Sorry if I was obscure.  What it basically means is that you can set
your mail server to use SSL encryption when talking to mail servers
that support it (more and more do, as ISPs use it to protect passwords
during SMTP authentication).  Many Unix MUAs (mail clients) just hand
off to the local mail server when sending mail.

In this way, it is possible that your email to your mom would be
encrypted while traveling to her mailbox.  You wouldn't specify that
you want the message encrypted; it just happens (if her ISP's server
supports it).  If the message goes via a relay, though, it might not
be encrypted after that point.

> I think that the problem with this is that it is commercial (and I am 
> not trying to start an Open Source versus Commercial Software flame war 
> here). In this day and age, computer end-users expect their e-mail 
> clients to be *free*, in the sense that it comes with their system 
> (Apple's Mail.app or Microsoft Outlook Express), or that it is supplied 
> by their corporate IT people (Microsoft Outlook).

My impression is that PGP Universal is intended for a corporate
environment in which it is set up by a network administrator and then
used (transparently) by all employees.

There are at least two proposed open standards under development for
end-to-end encryption of email: S/MIME and OpenPGP.

Ray
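
Added example, not part of the original message: a Python sketch that reads the Received headers of a delivered message and reports, hop by hop, whether the receiving server recorded a TLS session, which is how you can see a relay dropping back to cleartext as described above. The sample message and all hostnames in it are constructed placeholders; the check assumes servers record TLS either with the RFC 3848 "with ESMTPS" keyword or with a Postfix-style "(using TLS...)" comment.

```python
import re
from email import message_from_string

# "with" keywords that mean the hop ran over TLS (RFC 3848 registry).
TLS_PROTOCOLS = {"ESMTPS", "ESMTPSA", "LMTPS", "LMTPSA"}

# Constructed sample; every hostname and address is a placeholder.
SAMPLE = """\
Received: from relay.example.net (relay.example.net [192.0.2.20])
\tby mx.mom-isp.example (Postfix) with ESMTP id 3C; Fri, 2 Jul 2004 03:52:09 +0000
Received: from mail.home.example (mail.home.example [192.0.2.10])
\tby relay.example.net (Postfix) with ESMTPS id 2B; Fri, 2 Jul 2004 03:52:05 +0000
Received: from localhost (localhost [127.0.0.1])
\tby mail.home.example (Postfix) with ESMTP id 1A; Fri, 2 Jul 2004 03:52:01 +0000
From: me@home.example
To: mom@mom-isp.example
Subject: hello

Hi Mom
"""

def strip_comments(value):
    """Drop parenthesised comments, innermost first, so nesting is handled."""
    prev = None
    while prev != value:
        prev, value = value, re.sub(r"\([^()]*\)", " ", value)
    return value

def field(name, text):
    """Return the token following a Received clause keyword such as 'by'."""
    m = re.search(rf"(?:^|\s){name}\s+(\S+)", text)
    return m.group(1).rstrip(";") if m else "?"

def hop_report(raw_message):
    """List (from_host, by_host, encrypted) in the order the mail travelled."""
    hops = []
    # Each server prepends its header, so the oldest hop is the last one.
    for value in reversed(message_from_string(raw_message).get_all("Received", [])):
        flat = " ".join(value.split())          # unfold continuation lines
        tls_comment = re.search(r"\(using (TLS|SSL)", flat) is not None
        bare = strip_comments(flat)
        encrypted = tls_comment or field("with", bare).upper() in TLS_PROTOCOLS
        hops.append((field("from", bare), field("by", bare), encrypted))
    return hops

if __name__ == "__main__":
    for src, dst, enc in hop_report(SAMPLE):
        print(f"{src} -> {dst}: {'TLS' if enc else 'cleartext'}")
```

Each Received header only shows what the server that wrote it recorded, and the localhost hop is cleartext without ever leaving the sending machine.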