[Mimedefang] Scary... Filtering on the outbound.
bkamen at benjammin.net
Thu Feb 17 13:40:01 EST 2005
David F. Skoll wrote:
> Well, there's a commercial solution (maybe a few) that work like this:
> 1) Health care agency X needs to send confidential information to client Y.
> 2) Person from X sends confidential mail to a special account, something like:
> Y-at-Y.DOMAIN at secret.X.domain
> 3) A magic process intercepts the mail, stores the confidential info on
> an HTTPS server, and sends mail to Y at Y.DOMAIN saying:
> "You have a confidential message at https://whatever"
> 4) Y logs in with his/her usernamd and password (which must have been
> sent out-of-band -- probably by regular mail) and reads the message.
> This avoids Y having to understand anything about PGP. I think it's a fairly
> cool solution.
That is nifty - but is the server kept on site? if not. security can't be assured.
However, if everything was done HTTPS, that would be the fix.
Anyway - interesting idea.
More information about the MIMEDefang