Talk:Email encryption

This article is rated Stub-class on Wikipedia's content assessment scale. It is of interest to the following WikiProjects:

Computing This article is within the scope of WikiProject Computing, a collaborative effort to improve the coverage of computers, computing, and information technology on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks. ??? This article has not yet received a rating on the project's importance scale. Internet High‑importance Internet portal This article is within the scope of WikiProject Internet, a collaborative effort to improve the coverage of the Internet on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks. High This article has been rated as High-importance on the project's importance scale.

Is Encyption really this useless?

Latest comment: 12 years ago1 comment1 person in discussion

One might think some government employees and corporate employees would need encrypted e-mail, especially to some foreign countries. What effect has proxy servers on certificates & keys? Encryption & Signing are buttons clearly available to Apple Mail users, so they will want to know about these.

Encryption usually comes with email authentication, often from CAcert.org, in light of the demise of Thawte. (The email authentification of ip addresses is depricated because of spoofing; but the inability to reply would seem to protect the sender, and accepting only mail from those written should protect others.)

People might like to know where to look in their mailing agent's 'Prefereces' for security certificate authorities. My Thunderbird on Ubuntu Linux doesn't have CAcert.org, but it does have dozens of others, though I see no PGP keys (as I did on a MacOSX). Practical matters, such as validating & revocing certificates are of great interest. Which authorities are reputable, and provide free public & private keys for encryption?

Sorry about encorporating ip 'authentication', but the two are often bagged together. Geologist (talk) 00:21, 21 January 2012 (UTC)Reply

RfC concerning the Lavabit email service

Latest comment: 10 years ago1 comment1 person in discussion

There is a request for comments (RfC) that may be of interest. The RfC is at

Talk:Lavabit#RfC: Should information about Lavabit complying with previous search warrants be included?

At issue is whether we should delete or keep the following text in the Lavabit article:

Before the Snowden incident, Lavabit had complied with previous search warrants. For example, on June 10, 2013, a search warrant was executed against Lavabit user Joey006@lavabit.com for alleged possession of child pornography.

Your input on this question would be very much welcome. --Guy Macon (talk) 04:44, 29 August 2013 (UTC)Reply

List of clients

Latest comment: 9 years ago1 comment1 person in discussion

@Mjac78: Regarding this edit where you say "this short list benefits users who want to decide which standard and client to use. Please state wiki policy forbidding it"

My point is that if you keep the list "short" then it's necessarily an arbitrary selection of clients. If you try to be thorough then the list becomes too long to be useful. I think it's preferable to remove the list and have neither of these problems. In addition, such lists tend to invite list creep, as people recognize that their favorite choice isn't represented and add it, turning it into a long list.

Just to nitpick wrt "state wiki policy forbidding it", not every edit or reversal needs to be backed up by policy — just like you didn't need a policy to support your addition. Making a rational argument is sufficient. But WP:NOTHOWTO is a relevant one, the purpose of Wikipedia is to state facts, not to "[benefit] users who want to decide which standard and client to use".

But that's my two cents, not worth edit warring over. -- intgr [talk] 10:31, 26 January 2015 (UTC)Reply

Emails transmitted in the clear

Latest comment: 5 years ago1 comment1 person in discussion

"Email is prone to disclosure of information. Most emails are currently transmitted in the clear (not encrypted) form. By means of some available tools, persons other than the designated recipients can read the email contents.^[1]"

This verbatim from a 2008 source seems to be completely contradicted later in the article via Google TLS report^[2] ☺️

85.76.69.228 (talk) 09:52, 8 October 2018 (UTC) Sampumon 🍂Reply

References

1. http://www.arxiv.org/pdf/1002.3176
2. https://transparencyreport.google.com/safer-email/overview

Provider list deleted.

Latest comment: 4 years ago2 comments1 person in discussion

I had added a list of providers earlier today that is no longer there. Was it deleted or did I just do something wrong when I was publishing it? Julia759 (talk) 00:54, 5 November 2019 (UTC)Reply

Since it's been several days and nobody has responded I'm assuming nobody deleted the list so I'm going to put it back on. If there is any issue with this please respond here. If you want to add to the list, please keep it in alphabetical order. Julia759 (talk) 18:34, 9 November 2019 (UTC)Reply

Deletion of valid reference by GermanJoe

Latest comment: 4 years ago3 comments2 people in discussion

In the "End-to-end encryption" section, a reference to https://www.howtogeek.com/135638/the-best-free-ways-to-send-encrypted-email-and-secure-messages/ is being repeatedly deleted by GermanJoe without any valid reason (although another howtogeek reference a few line above is not). Could you please explain why this is allowed to happen? 86.129.119.156 (talk) 17:20, 27 January 2020 (UTC)Reply

The given information is already sufficiently sourced to an .edu reference and doesn't need another source, especially when the additional source is a low-quality product listing that merely parrots the various product descriptions. In fact several sections (like parts of the mobrien.com information) are copypasted from the original product or developer sites (that's plagiarism and undisclosed advertising by the way). I haven't checked the other source usage in detail, but every case needs to be assessed on its own merits anyway. One usage of another article in a different context does not automatically justify unrelated other usages from the same site. GermanJoe (talk) 19:52, 27 January 2020 (UTC)Reply

Thank you for giving more details about your reasons for repeatedly deleting the above-mentioned reference. That long product list is IMHO quite informative and generally looks quite neutral and quite unbiased. The fact that some of the summarized product descriptions might have been partially copypasted from their original website does not automatically make these descriptions untrue or biased. The article is what it is: a long list of products, each described in a few lines, it is not an in-depth analysis article. It is nonetheless informative and very relevant as a reference of examples of file attachment email encryption tools of various kinds and would benefit article readers curious about what sort of tools for this purpose are out there (without being oriented to any particular tool). So IMHO this is a valid, relevant and informative reference. Nonetheless my time is quite precious and I am not inclined in spending it myself going through some kind of arbitration for this. I'll let you and other wikipedians more involved than me deal with this as you see fit. Thank you and bye. 86.129.119.156 (talk) 20:48, 27 January 2020 (UTC)Reply