I've been concidering offering my entire family e-mail accounts on my personal servers, but they don't like the idea that I can read everything. So I've proposed a strict policy of having incoming messages automatically encrypted, if not already, upon delivery. The mail server would have access to only the public keys to do so. Private keys would reside only with e-mail client-ware on personal laptops and workstations beyond my control. Additionally the policy would forbid any redirection or copying of incoming and outgoing messages off the normal transmission path, or the permanent storage of temporary files in periodic backups. The list of restrictions would be lengthy, but worth it if only to provide a secured repository for my family. Setting up gpg or pgp on each server and client may be tedious, but is far from impossible. The final challenge would be teaching them to protect and preserve their private keys. Is any body already doint this?
Slashdot Mirror
I've been concidering offering my entire family e-mail accounts on my personal servers, but they don't like the idea that I can read everything. So I've proposed a strict policy of having incoming messages automatically encrypted, if not already, upon delivery. The mail server would have access to only the public keys to do so. Private keys would reside only with e-mail client-ware on personal laptops and workstations beyond my control. Additionally the policy would forbid any redirection or copying of incoming and outgoing messages off the normal transmission path, or the permanent storage of temporary files in periodic backups. The list of restrictions would be lengthy, but worth it if only to provide a secured repository for my family. Setting up gpg or pgp on each server and client may be tedious, but is far from impossible. The final challenge would be teaching them to protect and preserve their private keys. Is any body already doint this?