Die E-Mail von gnupg-u
sers-admin@gnupg.org enthält verschlüsselt
e Nachrichten
Owen Blacker
owen@flirble.org
Sat Sep 29 19:51:02 2001
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Lars Hecking wrote (2001-09-29 T 16:27 +0100):
>
> > Why should Deutsche Post be forced to accept any email? They can
> > bounce messages as they please, as long as they follow established
> > practices (apparently, they didn't).
>
> IMHO this case is different.
>
> Operational measuers, such as blocking spammers, viruses, or DoS
> attacks are fine. But blocking encryption is not operational, in
> fact, contrary to their notice it decreases security. It infringes
> on civil rights.
>
> What's the point of discussing government policies about strong
> crytography and possible restrictions thereof if it is really so
> simple to prevent people from using cryptography (in a convenient way)
> for communication?
>
> I repeat, this must not be allowed to happen. One would think that
> telecom and network operators knew better, but maybe they are under
> pressure by misguided (or ultra right-wing) politicians.
It is much more likely that they are just trying to prevent virus
measures.
The software that was mentioned is MIMEsweeper. It is a mailserver
antivirus application that quarantines infected mails, or dubious
attachments, such as VBScripts. Presumably this one is set to
quarantine encrypted messagews (or PGP/MIME attachments, maybe). I
would guess that the IT manager responsible doesn't even necessarily
realise that this is the case, or at least does not realise the
consequences of this policy.
The company I work for installed a similar application some time ago and
it also was set, by default, to quarantine encrypted emails -- simply
because it could not scan them to see if they were dangerous VBScripts,
for example. As soon as I explained the folly of this policy -- and
that I needed to be able to send encrypted emails in order to be able to
do my job -- the policy was changed.
Yes, that Deutche Post is doing this is very poor -- and users should
complain to Deutsche Post about this policy -- however I seriously doubt
that the policy is deliberately malicious.
Just my two penn'eth,
Owen x
- --
Owen Blacker | Senior Software Developer and InfoSecurity Consultant
See http://www.owens-place.org.uk/pgp.html -- more about my PGP keys
Sig 0x3e2056b9 | 18cd 92aa 32aa 81b9 f5e8 c520 6475 6239 3e20 56b9
- --
They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety --Benjamin Franklin, 1759
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (FreeBSD)
Comment: For info see http://www.gnupg.org
iD8DBQE7tgmoZHViOT4gVrkRApZdAKCzcr6Z5ziCohwP67TW7+k6dVkDnwCfbgxW
bV9y7iv9UK6Q9SNnATA9ybo=
=SHiD
-----END PGP SIGNATURE-----