top | item 46414069

(no title)

p2detar | 2 months ago

I will not name it, but I worked on such product for some time. In fact it is still being sold, maybe 3rd decade already.

> you still need every recipient to be managing their own keys anyways to be able to decrypt/validate what they’re reading.

Nope, that is handled at the gateway on the receiving side.

edit: Again, the major point here is to ensure no plain text email gets relayed. TLS does not guarantee that plain text email doesn't get relayed by a wrongly configured relay on its route.

discuss

akerl_|2 months ago

If the gateways are putting encryption in place and then stripping it, it’s not end-to-end. You’re just doing theatre over mandating TLS.