[Evolution] Feature requests

Jeffrey Stedfast fejj@ximian.com
Wed, 05 Jan 2005 16:28:35 -0500
Previous message: [Evolution] Feature requests
Next message: [Evolution] Feature requests
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
--=-gghdfFSvOOHmDkr9T3lC
Content-Type: text/plain
Content-Transfer-Encoding: quoted-printable

On Wed, 2005-01-05 at 15:10 -0600, Ron Johnson wrote:
> On Wed, 2005-01-05 at 14:36 -0500, Jeffrey Stedfast wrote:
> > On Thu, 2005-01-06 at 00:40 -0800, Amish Munshi wrote:
> > > Jeffrey Stedfast wrote:
> [snip]
> >=20
> > >  You dont have people in the market who=20
> > > can read encrypted mails, but you will definately have admins who wil=
l=20
> > > read mails if they are in plain text.
> >=20
> > then you fire them.
>=20
> After the damage is done, and *if* you catch him, some long time
> after the fact.
>=20
> [snip]
> > root has access to memory (even gpg has to store the password in memory
> > while decrypting something) and root also has access to your private
> > keys.
> >=20
> > so yes, they can decrypt it.
>=20
> But it's more difficult to find keys in RAM than to page thru an
> mbox.

it doesn't matter - the whole gpg argument is pointless anyway and has
no bearing on the original discussion.

we're talking about encrypting the mail only once it arrives on the
local machine... but presumably the admin can read the mail long before
it even gets to the user's local machine. so... the point of encrypting
would be...?????

since the admin has the ability to page thru the mbox file on the
server, why even bother trying to page thru memory to find the key on
the user's local machine in the first place? :)

this whole discussion is about "make me believe it's more secure even
tho it isn't" which is a complete waste of our resources.

if you guys want to send us a patch, go for it - but even you have to
admit that it doesn't fix the problem.

the way to solve this is to have everyone send you PGP/MIME (or S/MIME)
encrypted messages to start with, then it really is "secure" from start
to finish.

that is the ONLY solution. period.

Jeff

--=20
Jeffrey Stedfast
Evolution Hacker - Novell, Inc.
fejj@ximian.com  - www.novell.com

--=-gghdfFSvOOHmDkr9T3lC
Content-Type: application/x-pkcs7-signature; name=smime.p7s
Content-Disposition: attachment; filename=smime.p7s
Content-Transfer-Encoding: base64

MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIII4TCCAssw
ggI0oAMCAQICAwxi5zANBgkqhkiG9w0BAQQFADBiMQswCQYDVQQGEwJaQTElMCMGA1UEChMcVGhh
d3RlIENvbnN1bHRpbmcgKFB0eSkgTHRkLjEsMCoGA1UEAxMjVGhhd3RlIFBlcnNvbmFsIEZyZWVt
YWlsIElzc3VpbmcgQ0EwHhcNMDQwNTI2MTYzMjMwWhcNMDUwNTI2MTYzMjMwWjBBMR8wHQYDVQQD
ExZUaGF3dGUgRnJlZW1haWwgTWVtYmVyMR4wHAYJKoZIhvcNAQkBFg9mZWpqQG5vdmVsbC5jb20w
ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9Vb2HPseWXVoGGRiqZIf6MpsjgScNggRA
mGLIM5ymRpEugcbm71e6kI0ON1gNZlUjxkO8Z0jtzNZZz8cKPxOQNok0ZTAYrcqBAT3H9+azSBOL
kLqB57aO7yLHFArFlq4V3hjJ6isZV9PQAmAlxQGqHb8vsixEoT0VJ26j6AzxfSvHrc5FnoZCR/9M
szwONbRZ+xsQM2vTXXTkmjCaWO9FBsl2/xo1i7FN9+/I8J+wCY90dviUQ7ZWZb0Dkwbkkpgq0ZEb
/5QXSshQs0t5ZNXB5m/CHr8SxgdxSZmKjkgEVInbLtB2OeJY5YitY5t4RdaSYTTnEzgwOpMfCGr5
twjVAgMBAAGjLDAqMBoGA1UdEQQTMBGBD2ZlampAbm92ZWxsLmNvbTAMBgNVHRMBAf8EAjAAMA0G
CSqGSIb3DQEBBAUAA4GBAC3lN1sOgjdePHgECJ6nPF0K7PAPn//OuZIj+PXwTsAUMPKcBaxLLmlZ
L3ZckA2c7YVYuRQnlfe83hFZYpXnQ8CWI8GvvfpBjy47e1QJ64ilkAk6jUxyIA36lYZ4eN4t88Lj
1J+RIcKFcTe9Tn+9nTtwqCVUW4byzjOXdaLU+E0SMIICyzCCAjSgAwIBAgIDDGLnMA0GCSqGSIb3
DQEBBAUAMGIxCzAJBgNVBAYTAlpBMSUwIwYDVQQKExxUaGF3dGUgQ29uc3VsdGluZyAoUHR5KSBM
dGQuMSwwKgYDVQQDEyNUaGF3dGUgUGVyc29uYWwgRnJlZW1haWwgSXNzdWluZyBDQTAeFw0wNDA1
MjYxNjMyMzBaFw0wNTA1MjYxNjMyMzBaMEExHzAdBgNVBAMTFlRoYXd0ZSBGcmVlbWFpbCBNZW1i
ZXIxHjAcBgkqhkiG9w0BCQEWD2ZlampAbm92ZWxsLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAL1VvYc+x5ZdWgYZGKpkh/oymyOBJw2CBECYYsgznKZGkS6BxubvV7qQjQ43WA1m
VSPGQ7xnSO3M1lnPxwo/E5A2iTRlMBityoEBPcf35rNIE4uQuoHnto7vIscUCsWWrhXeGMnqKxlX
09ACYCXFAaodvy+yLEShPRUnbqPoDPF9K8etzkWehkJH/0yzPA41tFn7GxAza9NddOSaMJpY70UG
yXb/GjWLsU3378jwn7AJj3R2+JRDtlZlvQOTBuSSmCrRkRv/lBdKyFCzS3lk1cHmb8IevxLGB3FJ
mYqOSARUidsu0HY54ljliK1jm3hF1pJhNOcTODA6kx8Iavm3CNUCAwEAAaMsMCowGgYDVR0RBBMw
EYEPZmVqakBub3ZlbGwuY29tMAwGA1UdEwEB/wQCMAAwDQYJKoZIhvcNAQEEBQADgYEALeU3Ww6C
N148eAQInqc8XQrs8A+f/865kiP49fBOwBQw8pwFrEsuaVkvdlyQDZzthVi5FCeV97zeEVliledD
wJYjwa+9+kGPLjt7VAnriKWQCTqNTHIgDfqVhnh43i3zwuPUn5EhwoVxN71Of72dO3CoJVRbhvLO
M5d1otT4TRIwggM/MIICqKADAgECAgENMA0GCSqGSIb3DQEBBQUAMIHRMQswCQYDVQQGEwJaQTEV
MBMGA1UECBMMV2VzdGVybiBDYXBlMRIwEAYDVQQHEwlDYXBlIFRvd24xGjAYBgNVBAoTEVRoYXd0
ZSBDb25zdWx0aW5nMSgwJgYDVQQLEx9DZXJ0aWZpY2F0aW9uIFNlcnZpY2VzIERpdmlzaW9uMSQw
IgYDVQQDExtUaGF3dGUgUGVyc29uYWwgRnJlZW1haWwgQ0ExKzApBgkqhkiG9w0BCQEWHHBlcnNv
bmFsLWZyZWVtYWlsQHRoYXd0ZS5jb20wHhcNMDMwNzE3MDAwMDAwWhcNMTMwNzE2MjM1OTU5WjBi
MQswCQYDVQQGEwJaQTElMCMGA1UEChMcVGhhd3RlIENvbnN1bHRpbmcgKFB0eSkgTHRkLjEsMCoG
A1UEAxMjVGhhd3RlIFBlcnNvbmFsIEZyZWVtYWlsIElzc3VpbmcgQ0EwgZ8wDQYJKoZIhvcNAQEB
BQADgY0AMIGJAoGBAMSmPFVzVftOucqZWh5owHUEcJ3f6f+jHuy9zfVb8hp2vX8MOmHyv1HOAdTl
UAow1wJjWiyJFXCO3cnwK4Vaqj9xVsuvPAsH5/EfkTYkKhPPK9Xzgnc9A74r/rsYPge/QIACZNen
prufZdHFKlSFD0gEf6e20TxhBEAeZBlyYLf7AgMBAAGjgZQwgZEwEgYDVR0TAQH/BAgwBgEB/wIB
ADBDBgNVHR8EPDA6MDigNqA0hjJodHRwOi8vY3JsLnRoYXd0ZS5jb20vVGhhd3RlUGVyc29uYWxG
cmVlbWFpbENBLmNybDALBgNVHQ8EBAMCAQYwKQYDVR0RBCIwIKQeMBwxGjAYBgNVBAMTEVByaXZh
dGVMYWJlbDItMTM4MA0GCSqGSIb3DQEBBQUAA4GBAEiM0VCD6gsuzA2jZqxnD3+vrL7CF6FDlpSd
f0whuPg2H6otnzYvwPQcUCCTcDz9reFhYsPZOhl+hLGZGwDFGguCdJ4lUJRix9sncVcljd2pnDmO
jCBPZV+V2vf3h9bGCE6u9uo05RAaWzVNd+NWIXiC3CEZNd4ksdMdRv9dX2VPMYIC5zCCAuMCAQEw
aTBiMQswCQYDVQQGEwJaQTElMCMGA1UEChMcVGhhd3RlIENvbnN1bHRpbmcgKFB0eSkgTHRkLjEs
MCoGA1UEAxMjVGhhd3RlIFBlcnNvbmFsIEZyZWVtYWlsIElzc3VpbmcgQ0ECAwxi5zAJBgUrDgMC
GgUAoIIBUzAYBgkqhkiG9w0BCQMxCwYJKoZIhvcNAQcBMBwGCSqGSIb3DQEJBTEPFw0wNTAxMDUy
MTI4MzRaMCMGCSqGSIb3DQEJBDEWBBSdKD0BNVAA/wnVcsXNIRVfyhBe1DB4BgkrBgEEAYI3EAQx
azBpMGIxCzAJBgNVBAYTAlpBMSUwIwYDVQQKExxUaGF3dGUgQ29uc3VsdGluZyAoUHR5KSBMdGQu
MSwwKgYDVQQDEyNUaGF3dGUgUGVyc29uYWwgRnJlZW1haWwgSXNzdWluZyBDQQIDDGLnMHoGCyqG
SIb3DQEJEAILMWugaTBiMQswCQYDVQQGEwJaQTElMCMGA1UEChMcVGhhd3RlIENvbnN1bHRpbmcg
KFB0eSkgTHRkLjEsMCoGA1UEAxMjVGhhd3RlIFBlcnNvbmFsIEZyZWVtYWlsIElzc3VpbmcgQ0EC
Awxi5zANBgkqhkiG9w0BAQEFAASCAQAwQtF6axGLzSawcu4F+DuOm7njJd3JS8mbTOGAlkw/LjDO
qfenjq3QPnovNrANmeu9vVnmomSoEw5hU6XAyVhWdp14za6uxxdOA1inD6f+Ls5S99i2uFx1Zcc5
OC8UzEDPwnUAnbn/uypXh2KuojEzlOTCxDpSt7abj9c9kwdBRx2+i50zP63OgB+axE751Sr7mtjI
gaNnnm0pdwojTMb0cwbBBYOFYAMcp2vk59RYcOBUkTK7yGyFQb9xbfW0ZbTpNZoovDrd/KRSzz1i
4g0iH74SoBQnlrIJVKnmAZxjuAgQqdCqQQIPYBUHMQLimM7bz6NTDe9pZ3xYLm4hfA63AAAAAAAA



--=-gghdfFSvOOHmDkr9T3lC--
Previous message: [Evolution] Feature requests
Next message: [Evolution] Feature requests
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]