Die E-Mail von gnupg-u sers-admin@gnupg.org enthält verschlüsselt e Nachrichten

Owen Blacker owen@flirble.org
Sat Sep 29 19:51:02 2001

Hash: SHA1

Lars Hecking wrote (2001-09-29 T 16:27 +0100):

> > Why should Deutsche Post be forced to accept any email? They can
> > bounce messages as they please, as long as they follow established
> > practices (apparently, they didn't).
> IMHO this case is different.
> Operational measuers, such as blocking spammers, viruses, or DoS
> attacks are fine. But blocking encryption is not operational, in
> fact, contrary to their notice it decreases security. It infringes
> on civil rights.
> What's the point of discussing government policies about strong
> crytography and possible restrictions thereof if it is really so
> simple to prevent people from using cryptography (in a convenient way)
> for communication?
> I repeat, this must not be allowed to happen. One would think that
> telecom and network operators knew better, but maybe they are under
> pressure by misguided (or ultra right-wing) politicians.
It is much more likely that they are just trying to prevent virus measures. The software that was mentioned is MIMEsweeper. It is a mailserver antivirus application that quarantines infected mails, or dubious attachments, such as VBScripts. Presumably this one is set to quarantine encrypted messagews (or PGP/MIME attachments, maybe). I would guess that the IT manager responsible doesn't even necessarily realise that this is the case, or at least does not realise the consequences of this policy. The company I work for installed a similar application some time ago and it also was set, by default, to quarantine encrypted emails -- simply because it could not scan them to see if they were dangerous VBScripts, for example. As soon as I explained the folly of this policy -- and that I needed to be able to send encrypted emails in order to be able to do my job -- the policy was changed. Yes, that Deutche Post is doing this is very poor -- and users should complain to Deutsche Post about this policy -- however I seriously doubt that the policy is deliberately malicious. Just my two penn'eth, Owen x - -- Owen Blacker | Senior Software Developer and InfoSecurity Consultant See http://www.owens-place.org.uk/pgp.html -- more about my PGP keys Sig 0x3e2056b9 | 18cd 92aa 32aa 81b9 f5e8 c520 6475 6239 3e20 56b9 - -- They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety --Benjamin Franklin, 1759 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (FreeBSD) Comment: For info see http://www.gnupg.org iD8DBQE7tgmoZHViOT4gVrkRApZdAKCzcr6Z5ziCohwP67TW7+k6dVkDnwCfbgxW bV9y7iv9UK6Q9SNnATA9ybo= =SHiD -----END PGP SIGNATURE-----