6 Sep
2013
6 Sep
'13
3:24 p.m.
On 09/06/2013 12:14 PM, Eugen Leitl wrote:
On Fri, Sep 06, 2013 at 12:03:56PM -0700, Michael Thomas wrote:
On 09/06/2013 11:19 AM, Nicolai wrote:
That's true -- it is far easier to subvert email than most other services, and in the case of email we probably need a wholly new protocol.
Uh, a first step might be to just turn on [START]TLS. We're not using the tools that have been implemented and deployed for a decade at least.
Of course:
Received: from sc1.nanog.org (sc1.nanog.org [50.31.151.68]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate)
doesn't instill a lot of confidence :) It's better than nothing though. Mike