Necessity of GPG when using SSL

Benjamin Esham bdesham at
Mon Feb 20 05:50:17 CET 2006

John Clizbe wrote:

>> Henry Hertz Hobbit wrote:
>>> Usually, if you are using a web interface to access your email,  
>>> only the
>>> initial authentication is done via SSL.  After that if your URL  
>>> address
>>> shifts to using an "http://" rather than the "https://" you made  
>>> your
>>> initial connection with means that your communication just  
>>> shifted from SSL
>>> (weak encryption) to NO encryption.  That is the norm.
> OF three major US providers I have experience with:
> Earthlink and Google's GMail use https on their signin page then  
> then switch
> over to http once authenticated

I saw a neat trick somewhere online... if you use "https://" as your
login page for Gmail, the entire session is encrypted.  I haven't  
used the normal
method since I learned how to do this.  I hope someone finds this  
helpful! :-)

Benjamin D. Esham
bdesham at  |  |  AIM: bdesham128
Wikipedia, the Free Encyclopedia  •

-------------- next part --------------
A non-text attachment was scrubbed...
Name: PGP.sig
Type: application/pgp-signature
Size: 186 bytes
Desc: This is a digitally signed message part
Url : /pipermail/attachments/20060219/9eb0b934/PGP.pgp

More information about the Gnupg-users mailing list