Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Is universal end-to-end encrypted email possible (or even desirable)?

Maria Korolov | Sept. 19, 2017
End-to-end email encryption is getting more attention as security and compliance concerns mount, but practical use cases are rapidly being eaten away by other technologies.

"We're never really going to have widespread end-to-end encrypted email," says Kenneth White, director of the Open Crypto Audit Project. Purely internal email encryption systems can have as many protections and as much oversight built in as the company wants. "But as soon as you're interacting with a third-party system, you just have an email address," he says. "You have to think about whether everyone on the list has the same system, and that's just a non-starter for the vast majority of organizations."

Defaulting to a link inside the email that takes external recipients to a secure website works, he says. "But then it's a web application, it's a website. It's not email. I for one, and the others in the security field, don't see that there's ever going to be any kind of [general use] encrypted email."

 

Previous Page  1  2  3  4  5 

Sign up for Computerworld eNewsletters.