I was asked to address this in the blog as well. Since 2001 I use a digital e-Mail-signature provided in a cost-free web-of-trust organized by Thawte, one of the leading providers of digital server signatures for websites.
I also voluntarily confirm the idendity for the user(s) with 35 points. 50 points are needed to have a personalized digital signature (with your name), having 100 points you become a “Thawte Notary” yourself able to provide such points to others.
Using such a signature with S/MIME is rather easy to use with common e-Mail-programs like Thunderbird, Outlook or Notes. Once both sides have such a signature, it is very easy to encrypt mail – Good Bye Big Brother…
Similar signatures or “qualified” signatures are commercially available (for money). If you want to know the difference, want to know more or are simply interested, please feel free to contact me at your convenience.
A new project in Germany is DE-Mail, said to enable “secure communication” with administration, implying “security” that simply is not there. First of all, the servers are to be maintained by German Telekom T-Systems. Second the encryption is not controlled by the user, but this is just a “secure e-Mail-address”.
What my own Internetserver requires for years is SSL-encryption, the same used by banks and said to be very secure. This is all such service can provide, except it allows “trusted partners” to have secure server-to-server communication. Such partners sure pay for such service. And big mama government sure has access to it – as have tons of T-Systems people. And don’t we have enough examples of data theft?
Sure: Food For Thought…
And please share yours…