Comments on: Send encrypted webmail

By: Arnie

Arnie — Sat, 15 Mar 2008 06:21:12 +0000

By: jgotangco

jgotangco — Sun, 03 Sep 2006 02:51:04 +0000

A third party having your private keys even! Now that’s security.

Seriously though, I think this is what the Hula project will be doing as well, except that you have to setup your own service.

By: rom

rom — Mon, 28 Aug 2006 09:30:00 +0000

Monsolo, technically they can – as long as they know your passphrase.

godie, the thing with PGP is that anybody can always create their own keys. The web of trust is important – so keys must be signed by an authority or a community of trusted individuals.

By: godie

godie — Sun, 27 Aug 2006 22:35:06 +0000

You may want to try GnuPGP (http://www.gnupg.org/)then publish your key at MIT’s PGP Server (http://pgp.mit.edu/)

I only sign sensitive data and please don’t sign your PLUG emails! >_

By: Monsolo

Monsolo — Sun, 27 Aug 2006 06:17:59 +0000

Rom,

The impact is still the same. For encryption to be secure, the private key has to be kept private. If Freenigma has both keys, then technically they can decrypt the message.

Ideally, Freenigma should only be keeping the public keys of both the sender and the receiver.

I’m awaiting a message from Freenigma, signifying that i have joined, and will try it out.

By: rom

rom — Sun, 27 Aug 2006 04:27:49 +0000

You, the user generates your public and private keys. The thing with Freenigma is that it stores the key-pair for you, which is retrieved by the plug-in, when needed.