Sat Apr 12 02:53:02 2003
-----BEGIN PGP SIGNED MESSAGE-----
Neil Williams wrote:
>On Friday 11 April 2003 7:19 pm, Denis McCauley wrote:
>> > Eddie Roosenmaallen wrote
>> > Another alternative for an easy-to-use mail frontend is Mozilla
>> > Enigmail. It's pretty painless to set up, and it does signing,
>> > encrypting,
>> > key pair generation, etc. right from the menus in Moz mail.
>>Very easy to use but I see a problem with encrypting or signing
>>with Enigmail because this is done on sending, which means private
>>keys (and passphrase if cached) might be exposed when you go
>>An option to encrypt/sign and queue would solve this problem though.
>But Mozilla can do that, like most email clients you can send now or
>later. It's a simple configuration option.
># To send messages in your Unsent Messages folder before going
>"Send Unsent Messages".
Sure, but ....
>The act of signing is done when the message is finalised ready for
>later - queued. This can therefore be done offline, leaving only the
>email in the outbox waiting for the connection and command to send.
Maybe I'm a bit thick, but I can't find an option to queue encrypted
or signed messages on my version (Enigmail 0.71 on Mozilla 1.2.1 on
w2k), though it can be done for unencrypted/unsigned messages. I have
to encrypt or sign with gpg outside the mailer, copy to the composer
and then queue the message.
>Besides, even without a queue, aren't you going to be using a
>protect your machine? Where is the perceived threat - from the
>from the intranet or even from users on the same system?
I keep in mind a comment by Bruce Schneier: "Some firewalls are
reasonably effective", and I've seen examples of sites reading my file
structure through IE (not with Mozilla, but I'm careful all the same).
Once the firewall is opened for the browser there's a potential
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1-nr1 (Windows 2000) - GPGshell v2.70
Comment: Key ID: 0x8353641A
Comment: 1374 43A0 8F8D DB46 D752 0202 2514 2492 8353 641A
-----END PGP SIGNATURE-----