Previous Entry Share Next Entry
Security musing
Default
gemsling
It feels a little wrong to send a secure certificate by email...

  • 1
Woah - wait, for work? I did that once when we tried MelbIT and Suzi went off at me for sending our key via unencrypted email.. did you have to do that? cripes.

Only sending the public key (exchanged with browser every session). Recipient has the private key. Still, it feels a little wrong...

well, isnt that the PURPOSE of the public key, to be able to emailed around with impunity?

Absolutely. Which is why I realised that the "don't email keys" matra I've been taught needn't apply to the certificate itself. Still, it got Tracy's attention... :-)

  • 1
?

Log in

No account? Create an account