Necessity of GPG when using SSL
Johan Wevers
johanw at vulcan.xs4all.nl
Mon Feb 20 22:14:46 CET 2006
Henry Hertz Hobbit wrote:
>Usually, if you are using a web interface to access your email, only the
>initial authentication is done via SSL. After that if your URL address
>shifts to using an "http://" rather than the "https://" you made your
>initial connection with means that your communication just shifted from SSL
>(weak encryption) to NO encryption. That is the norm.
Strange, I've never seen that happen. All webmail from Dutch providers that
I've accessed (my own and some for people with problems where I accessed the
mail to dump mails with large attachments that took too long to download)
were https all the way.
--
ir. J.C.A. Wevers // Physics and science fiction site:
johanw at vulcan.xs4all.nl // http://www.xs4all.nl/~johanw/index.html
PGP/GPG public keys at http://www.xs4all.nl/~johanw/pgpkeys.html
More information about the Gnupg-users
mailing list