From: Tony Iannotti <tony@secapl.com>
To: “A. Padgett Peterson, P.E. Information Security” <PADGETT@hobbes.orl.mmc.com>
Message Hash: 5fe5f4287e0b01a6b2bac745a51e16f97f7647111a16fd7fb28bbe3353312219
Message ID: <Pine.A32.3.91.960131191659.120542E-100000@fozzie.secapl.com>
Reply To: <960131175353.202083b0@hobbes.orl.mmc.com>
UTC Datetime: 1996-02-01 01:42:36 UTC
Raw Date: Thu, 1 Feb 1996 09:42:36 +0800
From: Tony Iannotti <tony@secapl.com>
Date: Thu, 1 Feb 1996 09:42:36 +0800
To: "A. Padgett Peterson, P.E. Information Security" <PADGETT@hobbes.orl.mmc.com>
Subject: re: Netscape "secure E-Mail"
In-Reply-To: <960131175353.202083b0@hobbes.orl.mmc.com>
Message-ID: <Pine.A32.3.91.960131191659.120542E-100000@fozzie.secapl.com>
MIME-Version: 1.0
Content-Type: text/plain
On Wed, 31 Jan 1996, A. Padgett Peterson, P.E. Information Security wrote:
> Could do that now with a commerce server - didn't say "encrypted" email,
> said "secure". Prolly just sends it to port 443 on the secure channel and
> the server does the SMTP to the internal net.
When I examine the headers from a PC running any POP client including
Netscape, (where the return path is smtp), they show up as originating
from the PC's address, whether direct net or dial-up PPP. Wouldn't that
indicate that the message is using SMTP not https over the link? (and
therefore in fact in the clear unless encrypted in body?) I think the
inclusion of the option of the Exchange client is a possible shift of the
onus of PEM to MS. (frightening thought....)
Where are MOSS and SMIME now?
Return to February 1996
Return to “Tony Iannotti <tony@secapl.com>”