[Chugalug] Email message authentication, encryption
flushy at flushy.net
Fri Dec 28 12:08:16 UTC 2012
Think of it like snail mail.
One way ensures the message came from that street address and only that street address.
The other way ensures that the message inside the envelope was not tampered with and was written by the person it says it was written by.
Gpg can also fully encrypt the message. Thus ensuring that the envelope wasn't opened, that only the recipient can open it, and that it was indeed written by the person that it says wrote it.
Sent from my iPhone
On Dec 27, 2012, at 5:15 PM, David White <dwrudy at gmail.com> wrote:
> I'm beginning to explore ways that I can authenticate (and possibly sign) my email, and I'm wondering if folks have any opinions about GPG for this use case.
> I'm very familiar with SPF, DKIM, and DMARC records (in DNS), but while these mechanisms provide a way for receiving mail servers to reliably identify whether or not the incoming message came from the legitimate sender, it seems to me that this doesn't provide a reliable way to reliably determine whether or not the message was modified in transit.
> These mechanisms obviously also don't even touch on full message encryption.
> I know that GPG uses asymmetric encryption to sign a message (i.e. not the whole message is encrypted, just the signature).
> But it seems to me that this just serves the same purpose as DKIM. What's the difference? (Ok, 1 is DNS based and the other is client-side based, but other than this... any difference?)
> I'm also confused about is the adoption rate of clients when it comes to GPG. Is this something that you'd normally have to implement on your own email client in order to "use", or do the most popular clients automatically use it?
> This is just 1 of the security-related questions I'm exploring right now, in an effort to ramp up my own email security and protect my domain's reputation.
> - David White -
> Smooth Stone Services (soon to be CENTS)
> Computing, Equipping, Networking, Training & Supporting
> Nonprofit Organizations Worldwide
> Existing Website: http://www.smoothstoneservices.com
> New Website (coming soon): http://developCENTS.com
> Chugalug mailing list
> Chugalug at chugalug.org
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Chugalug