From mboxrd@z Thu Jan  1 00:00:00 1970
X-Msuck: nntp://news.gmane.io/gmane.emacs.gnus.general/36074
Path: main.gmane.org!not-for-mail
From: Jaap-Henk Hoepman <hoepman@cs.utwente.nl>
Newsgroups: gmane.emacs.gnus.general
Subject: Re: security: Encrypted mail in the archive
Date: 01 May 2001 09:37:32 +0200
Organization: University of Twente, Department of Computer Science
Sender: hoepman@cs.utwente.nl
Message-ID: <kp7l011u8b.fsf@utip202.cs.utwente.nl>
References: <E14tsV5-0004MU-00@dahaIM.dyndns.org>
	<878zkjbom3.fsf@deneb.enyo.de>
NNTP-Posting-Host: coloc-standby.netfonds.no
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-Trace: main.gmane.org 1035171721 6625 80.91.224.250 (21 Oct 2002 03:42:01 GMT)
X-Complaints-To: usenet@main.gmane.org
NNTP-Posting-Date: Mon, 21 Oct 2002 03:42:01 +0000 (UTC)
Return-Path: <owner-ding@gnus.org>
Original-Received: (qmail 28981 invoked by alias); 1 May 2001 07:37:38 -0000
Original-Received: (qmail 28976 invoked from network); 1 May 2001 07:37:38 -0000
Original-Received: from utiw16.cs.utwente.nl (HELO utip202.cs.utwente.nl) (130.89.15.115)
  by gnus.org with SMTP; 1 May 2001 07:37:38 -0000
Original-Received: (from hoepman@localhost)
	by utip202.cs.utwente.nl (8.11.2/8.11.2) id f417bXa01559;
	Tue, 1 May 2001 09:37:33 +0200
X-Authentication-Warning: utip202.cs.utwente.nl: hoepman set sender to hoepman@cs.utwente.nl using -f
Original-To: ding@gnus.org
In-Reply-To: <878zkjbom3.fsf@deneb.enyo.de>
X-Face: #U;T;~,y.iVz7!wB(gVzSj:j}x-tZr\v-PQU}''7h^>jaAM'vw1K<p|LRd`F\Hha#IBb^,8
 nd6s}"Sj!:V'Y,LkwBj>A83N5/gN~kcktG%,>Q>""S?Fg`&U80!Vg=)El,s/W)W^
User-Agent: Gnus/5.0808 (Gnus v5.8.8) XEmacs/21.1 (Cuyahoga Valley)
Original-Lines: 30
Xref: main.gmane.org gmane.emacs.gnus.general:36074
X-Report-Spam: http://spam.gmane.org/gmane.emacs.gnus.general:36074

On 29 Apr 2001 19:30:12 +0200 Florian Weimer <fw@deneb.enyo.de> writes:
> Andreas Fuchs <asf@acm.org> writes:
> 
> > I just saw something that shocked me. I had sent an encrypted mail to a
> > friend of mine and tried to read it in the archive. Guess what?
> > 
> > The mail that is stored in my archive group is not encrypted in any
> > way.
> 
> If this is not acceptable in your environment, you need a
> cryptographic filesystem anyway, so I don't consider this a problem.

I consider this to be a _big_ problem, because it is definitely not what I
would expect. If I send encrypted mail, the local copy should be encrypted
too. If I only send encrypted mail to a few people, a cryptograpic filesystem
is overkill. Moreover, people may store/archive their mail on some fileserver
they have no control over.

Jaap-Henk

P.S.: Andreas, what method do you use to encrypt your mail? I don't seem to 
recall seeing this behaviour using pgp and mailcrypt.

-- 
Jaap-Henk Hoepman             | Come sail your ships around me
Dept. of Computer Science     | And burn your bridges down
University of Twente          |       Nick Cave - "Ship Song"
Email: hoepman@cs.utwente.nl === WWW: www.cs.utwente.nl/~hoepman
Phone: +31 53 4893795 === Secr: +31 53 4893770 === Fax: +31 53 4894590
PGP ID: 0xF52E26DD  Fingerprint: 1AED DDEB C7F1 DBB3  0556 4732 4217 ABEF