> -----Original Message-----
> From: This list is for those interested in Data Protection issues
> [mailto:[log in to unmask]] On Behalf Of Roland Perry
> Sent: 11 February 2013 09:44
> To: [log in to unmask]
> Subject: Re: Sending personal data by post
>
> In message <61E52F3A5532BE43B0211254F13883AE5A909505@EXC001>, at
> 08:45:40 on Mon, 11 Feb 2013, Andrew Cormack <[log in to unmask]>
> writes
> >> >You can have the securest email system in the world but it wont
> stop
> >> >you sending it to the wrong person unless it locks you down to one
> >> recipient only.
> >>
> >> That's where public key encryption can be useful, because you also
> have
> >> to select your recipient's public key as well as their email
> address.
> >> And while I know it's easy to pick the wrong email address, if you
> are
> >> careful then you might not have the "wrong" person's key available
> to
> >> you.
> >
> >That only works so long as your mail client doesn't automatically
> select the encryption key based on the address you type :(
> >
> >Andrew (who has seen that happen!)
>
> My client does that, but I only have keys for a very few of my
> correspondents, and I can generally remember who they would be.
>
> (eg) If I have a key for you (AndrewC).
>
> And I was sending you an email, selecting the wrong AndrewC|AndrewD or
> whatever probably wouldn't trigger my client into prompting me to
> confirm that I wanted to encrypt the email (because I don't have a key
> for them); and I would be expecting it to prompt me, so I would
> investigate.
>
> [The reverse is also true, but less useful: sending an email to someone
> whose mail I would *not* expect to be encrypted would raise a suspicion
> if my email client asked me if I wanted to encrypt.]
>
> It's not foolproof, but it helps.
Yup. Creates a slightly perverse incentive to keep your keychain small, though, and only use encryption when it's really needed. The more people you send encrypted mail to, the less the chance of a typo hitting someone who doesn't have a key!
Andrew
> --
> Roland Perry
>
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> All archives of messages are stored permanently and are
> available to the world wide web community at large at
> http://www.jiscmail.ac.uk/lists/data-protection.html
> If you wish to leave this list please send the command
> leave data-protection to [log in to unmask]
> All user commands can be found at
> http://www.jiscmail.ac.uk/help/commandref.htm
> Any queries about sending or receiving messages please send to the
> list owner
> [log in to unmask]
> Full help Desk - please email [log in to unmask] describing your
> needs
> To receive these emails in HTML format send the command:
> SET data-protection HTML to [log in to unmask]
> (all commands go to [log in to unmask] not the list please)
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at http://www.jiscmail.ac.uk/help/commandref.htm
Any queries about sending or receiving messages please send to the list owner
[log in to unmask]
Full help Desk - please email [log in to unmask] describing your needs
To receive these emails in HTML format send the command:
SET data-protection HTML to [log in to unmask]
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|