[Standards-JIG] Re: The Great Encryption Debate
sneakin at semanticgap.com
Mon Aug 8 13:18:50 UTC 2005
(Nothing really needs to be quoted)
I was wondering if the requirement some businesses and industries for
logging emails and IMs is being taken into account? A message logger
will need to be able to decrypt the data for review or whatever, but
once it goes past the corporate server it needs to be encrypted. With
the e2e RFC, PGP, and other straight forward PK crypto this requirement
wouldn't be to hard to meet if the business kept a copy of each private
key locked up somewhere. That's not the most secure but it beats doing
the crypto on the server.
Can any of the proposals meet this requirement? I'm sure some exec will
be asking for it.
More information about the Standards