[GnuPG] Re: Can you unlock sent messages ?? Somehow ??
Ryan Malayter
rmalayter@bai.org
Fri Jul 18 16:51:02 2003
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
1) Your company should almost definitely *not* be using PST files for
Outlook mail storage. PST=3DBAD for a lot of reasons, see
http://www.swinc.com/resource/exch_faq_appxf.htm for details. Of
course, if you're not an Exchange server shop, but use POP3 or IMAP
servers, you might be stuck with PST files.
2) You cannot decrypt OpenPGP messages without the private key and
pass-phrase of the sender, and then only if they encrypted the
message to themselves. This is the whole point of PGP. If you don't
have the private key and pass phrase, or if the messages weren't
encrypted to the user himself as well as the recipient, you'll have
to trust the *recipients* of the encrypted messages to forward you
unaltered copies of the encrypted messages. Basically, if the OpenPGP
user didn't want those messages recovered, you're screwed.
3) You (supposedly) cannot decrypt an encrypted PST file if the
user's original profile is lost. The encryption key is stored in the
user portion of the Windows registry. However, I think PST encryption
is relatively weak, since it is "compressible", so there may be a
brute-force cracking utility out there somewhere.
- -----Original Message-----
From: Stone, Darryll [mailto:Darryll.Stone@Encana.com]=20
Sent: Thursday, July 17, 2003 9:01 AM
To: gnupg-users@gnupg.org
Subject: Can you unlock sent messages ?? Somehow ??=20
If someone in an organization used GPG and then left the company,
and you
had to give a copy of all emails that that individual had ever sent
, how
can you unlock all of the encrypted messages?? specially if your
email is
an
actual record that you have to keep... is there somewhere you can
send a
pst
file to be unencrypted??
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (MingW32) - WinPT 0.7.94
iD8DBQE/GAlo9wZiZHyXot4RAg05AJ9HLC0yqQ0jIrWuVflSvLzliYNUKwCgq/YI
r9PrxaV/2RxHKkwluemsgGI=3D
=3D300E
-----END PGP SIGNATURE-----