[743] in cryptography@c2.net mail archive
Re: Securing plaintext following receipt
daemon@ATHENA.MIT.EDU (Steve)
Wed May 7 21:28:58 1997
To: "A. Padgett Peterson P.E. Information Security" <PADGETT@hobbes.orl.mmc.com>
cc: cryptography@c2.net
In-reply-to: Your message of "Wed, 07 May 1997 19:50:05 EDT."
<970507195005.2061db8f@hobbes.orl.mmc.com>
Date: Wed, 07 May 1997 17:47:21 -0700
From: Steve <steve@edmweb.com>
> Have for some time been promoting the concept of three types of
> encryption:
> 1) data
> 2) volume
> 3) channel
Data and volume encryption aren't all that different. I think it can be
reduced further:

1- End-point security. Consists of file/disk encryption, tamper
resistant hardware, armed guards, etc.
2- Communications channel security. Secures data between end points.
Consists of public key methods (PGP, S/MIME, SSL), quantum crypto, etc.

When a message leaves an end-point, all end-point security can be
stripped off and communications channel security takes over. When a
message arrives at an end-point, the communications channel security is
stripped off and end-point security takes over. This allows the two to
be completely separate.

Digital signatures on email messages can (rather conveniently) be
considered part of the message. Yet another reason to sign before
encrypting.