[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
> you can be absolutely certain that all your comms will be recorded/stored
>> That's why there are things like VPN, IMAP/POP over SSL and StartTLS.
Which only covers your transit to them. All your mail
between providers is still wide open.
> (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
Exactly. Everyone on the net seriously needs to be turning
on oppurtunistic encryption for all services. Crypto has little
cpu cost these days compared to the gain in privacy.
The last bit would be to store the data encrypted. That's easy
at the provider spindles, but breaks down if you want to provide your
own key for it. So you're left with OpenPGP, FUSE, etc.
Anyhow, whoever was going to put a table of providers
up on the wiki with little columns for https, imaps, pop3s, smtps,
'verification/tracking' requirements, etc... deserves some thanks.