Educause Security Discussion mailing list archives
Re: Email signing and encryption
From: Ken Layng <kml18 () PSU EDU>
Date: Thu, 23 Aug 2007 10:17:10 -0400
Many here at Penn State are using the free certs from Thawte. Bear in mind the pros and cons of this approach. On the plus side, they're free, and an internal PKI is not necessary, and the data is more private. However, if certs are ever corrupted or lost, and a backup is not available, it means total loss of the encrypted data. Also, many institutions prefer to have control over the issuing of these certificates. This affords the ability to store the keys and therefore help users recover from the lost key scenario mentioned above. However, this presents exposure from the privacy side. Finally, Thawte uses a "Web of Trust". This approach trusts the user community to assert the validity of individuals' identities. Doing so increases the possibility that a few rogue notaries could create false identities. An internal PKI lets you control the process of assertions. Ken Layng Penn State Gudena, Chandragupta wrote:
Email signing and encryption Hi, Is anyone using GnuPG (Gnu Privacy Guard) or PGP for digital signing and email encryption purposes? If not are there any other solutions that are being used? I would like to know your experience/ suggestions . Thanks. Chandragupta
------------------------- <!-- /* Font Definitions */ @font-face {font-family:"Cambria Math"; panose-1:2 4 5 3 5 4 6 3 2 4;} @font-face {font-family:Calibri; panose-1:2 15 5 2 2 2 4 3 2 4;} /* Style Definitions */ p.MsoNormal, li.MsoNormal, div.MsoNormal {margin:0in; margin-bottom:.0001pt; font-size:11.0pt; font-family:"Calibri","sans-serif";} a:link, span.MsoHyperlink {mso-style-priority:99; color:blue; text-decoration:underline;} a:visited, span.MsoHyperlinkFollowed {mso-style-priority:99; color:purple; text-decoration:underline;} span.EmailStyle17 {mso-style-type:personal-compose; font-family:"Calibri","sans-serif"; color:windowtext;} .MsoChpDefault {mso-style-type:export-only;} @page Section1 {size:8.5in 11.0in; margin:1.0in 1.0in 1.0in 1.0in;} div.Section1 {page:Section1;} --> Hi, Is anyone using GnuPG (Gnu Privacy Guard) or PGP for digital signing and email encryption purposes? If not are there any other solutions that are being used? I would like to know your experience/ suggestions . Thanks. Chandragupta -- Ken Layng The Pennsylvania State University ITS/TLT/Training Services 23 Willard 814-863-8800 kml18 () psu edu <mailto:kml18 () psu edu>
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature
Current thread:
- Email signing and encryption Gudena, Chandragupta (Aug 23)
- <Possible follow-ups>
- Re: Email signing and encryption Ken Layng (Aug 23)
- Re: Email signing and encryption Georgia Killcrece (Aug 23)
- Re: Email signing and encryption Georgia Killcrece (Aug 23)
- Re: Email signing and encryption Jeff Giacobbe (Aug 23)
- Re: Email signing and encryption David Seidl (Aug 23)