RE: [PCTECH] Mail encryption / security?

["Walden H. Leverich" <WaldenL@xxxxxxxxxxxxxxx>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I trade e-mails with a hospital on a regular basis and those e-mails
are typically signed, though not encrypted. 

Certainly anything I do with CERT is signed, and I've verified their
PGP key by calling, but they have a very well developed process for
key management. 

Finally, we've deployed PGP for a couple of clients that wanted to
send confidential information -- payroll, health benefits, etc. --
via e-mail to a trading partner.

Overall, I'd say it's used by those that really need it, but how many
of us really need PGP-level encryption? Then again, see my midrange-l
post about passwords. <G>

BTW, if you need to drop to a command line I can see why you think
PGP is a lot of work. For me in Outlook decryption/validation occurs
automatically and encryption/signing is as simple as selection an
icon on the toolbar, identical to what you'd do to send e-mail w/high
importance.

- -Walden


- ------------
Walden H Leverich III
President & CEO
Tech Software
(516) 627-3800 x11
WaldenL@xxxxxxxxxxxxxxx
http://www.TechSoftInc.com

Quiquid latine dictum sit altum viditur.
(Whatever is said in Latin seems profound.)
  


- -----Original Message-----
From: pctech-bounces@xxxxxxxxxxxx
[mailto:pctech-bounces@xxxxxxxxxxxx] On Behalf Of David Gibbs
Sent: Wednesday, 23 February, 2005 23:23
To: PC Technical Discussion for iSeries Users
Subject: Re: [PCTECH] Mail encryption / security?

*** PGP SIGNATURE VERIFICATION ***
*** Status:   Unknown Signature
*** Signer:   Unknown Key (0xD1980033)
*** Signed:   2/23/05 11:23:18 PM
*** Verified: 2/24/05 10:35:53 AM
*** BEGIN PGP VERIFIED MESSAGE ***

Walden H. Leverich wrote:
| You must still be playing with OpenPGP because you signed the
| message.

Yep :)

| And I must be using PGP because when I opened the message it
| automatically verified the signature (well, ok, it told be it was a
| valid signature from an unknown key)

Same here ...

Unverified signature

gpg command line and output:
C:\\GnuPG\\gpg.exe --charset utf8 --batch --no-tty --status-fd 2 -d
gpg: Signature made 02/21/05 10:44:00 Central Standard Time using DSA
key ID A2AA12EF
gpg: Can't check signature: public key not found

| I've not used OpenPGP so I can't speak for it's interface, but I
| use PGP and we've deployed it for clients and it's seamless, at
| least
| from w/in outlook. What have you found to be too much trouble
| w/OpenPGP?

Mainly keeping track of the keys ... 'course that could be laziness
on
my part.

Not many people I correspond with actually use it secure email.  I'm
mainly curious if it's very prevalent outside of my circles.

david

*** END PGP VERIFIED MESSAGE ***
- -- 
This is the PC Technical Discussion for iSeries Users (PcTech)
mailing list
To post a message email: PcTech@xxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/pctech
or email: PcTech-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives
at http://archive.midrange.com/pctech.

-----BEGIN PGP SIGNATURE-----
Version: PGP 8.1

iQA/AwUBQh31lBJdFhGiqhLvEQI+rwCgxSSoxUF0NJywk0LvxYEyntpSm8MAn317
lIvhpZOgy8QE7Tc2vKQLhlvi
=uAYP
-----END PGP SIGNATURE-----