EmailDiscussions.com - View Single Post

BritTim · 27 Dec 2016, 02:15 AM

What you are looking for is something that is extremely difficult to provide in a usable form. First, reflect on this: mainstream IMAP mail clients have no facility to automatically decrypt messages dynamically at the client end. A first requirement will be some kind of add-on to handle encryption/decryption. In fact, such a facility does exist: a few PGP products can be set up to automatically encrypt messages when sending, and decrypt them whenever they are read.

As an alternative, you can use an email system where the provider has clients to handle decryption on your computer/tablet/phone. If this is browser-based, it will be insecure. If it is a native application on the device, it can be completely secure, in theory, but good luck in finding a niche service with support for MS Windows, OSX, Android, Linux, iOS and whatever other platforms you might need supported.

Apart from the above, there are some performance costs (and losses in functionality) but only one "tiny" remaining issue. It assumes that everyone else who corresponds with you is willing to use a compatible system. Good luck with that! I am able to communicate with anyone who asks using PGP, but have given up trying to educate others on its benefits. Although not really hard, it seriously affects the usability of ones email system, and is anyway too much trouble for most people, even for transmitting sensitive messages.

Sad to say, for all practical purposes, email communications cannot be made fully secure for general correspondence. If you want a suggestion on what you can do that your correspondents can use when you send them something confidential, you can put the message in an encrypted archive using a widely supported format like ZIP files. You let them have the password. Just do not expect them to send stuff to you that way!

27 Dec 2016, 02:15 AM	#2
BritTim The "e" in e-mail Join Date: May 2003 Location: mostly in Thailand Posts: 3,090	What you are looking for is something that is extremely difficult to provide in a usable form. First, reflect on this: mainstream IMAP mail clients have no facility to automatically decrypt messages dynamically at the client end. A first requirement will be some kind of add-on to handle encryption/decryption. In fact, such a facility does exist: a few PGP products can be set up to automatically encrypt messages when sending, and decrypt them whenever they are read. As an alternative, you can use an email system where the provider has clients to handle decryption on your computer/tablet/phone. If this is browser-based, it will be insecure. If it is a native application on the device, it can be completely secure, in theory, but good luck in finding a niche service with support for MS Windows, OSX, Android, Linux, iOS and whatever other platforms you might need supported. Apart from the above, there are some performance costs (and losses in functionality) but only one "tiny" remaining issue. It assumes that everyone else who corresponds with you is willing to use a compatible system. Good luck with that! I am able to communicate with anyone who asks using PGP, but have given up trying to educate others on its benefits. Although not really hard, it seriously affects the usability of ones email system, and is anyway too much trouble for most people, even for transmitting sensitive messages. Sad to say, for all practical purposes, email communications cannot be made fully secure for general correspondence. If you want a suggestion on what you can do that your correspondents can use when you send them something confidential, you can put the message in an encrypted archive using a widely supported format like ZIP files. You let them have the password. Just do not expect them to send stuff to you that way!