Linked by Thom Holwerda on Thu 12th Apr 2012 08:59 UTC
Internet & Networking I would honestly serve at the altar of the person that did this. Keep the debugging information, but for the love of god, make your email client do something pretty and useful with it.
Permalink for comment 513917
To read all comments associated with this story, please click here.
saso
Member since:
2007-04-18

The problem there is that confidential information is frequently transmitted via e-mail. In fact it's pretty standard for things like Passwords and user IDs to be sent this way. Let alone more confidential data sent by users who don't understand the protocol.

Yes, exactly my point! Why then would you trust your post boy (mail server) not to take a peek inside the envelope if it carries sensitive information? That's actually an argument *for* end-to-end encryption!

Furthermore, it would make a great deal more sense to encrypt as standard at the protocol level rather than add another layer of abstraction at the user level


Because TLS is necessarily two-way and hop-by-hop. You can't establish a TLS session via e-mail itself, the round-trip for salt exchange and other protocol setup would be just terrible. That's why we have things like S/MIME and PGP.

Reply Parent Score: 2