steven.soroka@mts.mb.ca
Fri, 21 Aug 1998 17:46:15 -0500
>One way this would be accomplished is as follows:
>
> o Your MTA makes a connection on TCP/25 to my MTA.
>
> o They handshake, and in the process, find out if they're both "PGP
> session capable", where "PGP session" is how the hack we put in
> identifies itself.
>
> o If they both are, then your MTA will create a random session key
> and send it to my MTA, encrypted with my MTA's public key.
>
> o My MTA will decrypt the message with its private key, and retrieve
> the session key.
>
> o The conversation then switches to an encrypted session, using a
> symmetric cipher, with the random session key generated by your
> MTA.
>
> o The subsequent sending of the data all takes place over the
> now-encrypted channel.
>
> o They end the conversation normally, but over the encrypted channel
> instead of in the clear.
>
>This leaves some room for deciding things like how to verify host keys
>and that sort of thing, but should give you the general idea.
>
>Hope that helps.
Yup, helps a lot.. but the most obvious problem with the above is that
if the other MTA doesn't support the "PGP session", it would be sent
normally.. although this generally takes the security of email up a
step, there's no reliability, and you wouldn't be able to trust that
your mail is safe unless this is widely used, or unless you can specify
to return the mail if a secure connect cannot be made...
Hmm.. I guess it's a pretty good idea... definately not a total-security
solution... more like a step toward upgrading mail security.
The following archive was created by hippie-mail 7.98617-22 on Sat Apr 10 1999 - 01:11:00