Forgot your password?
New user?
Document Actions
3. Motivation
Government agencies and other organisations want to be able to communicate securely with their customers using an email system that is equivalent, in terms of security, to postal mail.
3. Motivation
Government agencies and other organisations want to be able to
communicate securely with their customers using an email system that
is equivalent, in terms of security, to postal mail. More recently
some agencies have started to create webmail accounts for their
customers. The problems inherent in this design are:
o A proliferation of mail boxes - imagine a customer that interacts
with 6 government agencies, they would need to check 6 mail boxes;
o The mail boxes are completely under the control of the agencies.
If the service were removed, you would lose your interaction
history;
o A legal requirement to have sending and receiving email systems
under separate control, to provide the same legal certainty as
postal mail.
In the ideal situation, the government agencies could utilise the
existing SEEMail infrastructure to conduct secure communications with
their customers, if their ISPs supported SEEMail.
However, ISPs who would provide SEEMail infrastructure for agency
customers are concerned with:
o Cost: Who will pay for it?
o Experience: Who will implement and maintain it?
o Robustness: Will it cause problems and will it scale?
Clearly, SEEMail is not going to be easily scalable to the Internet
as a whole.
SecMX -- a better way to send email
I agree. SEEmail is not scalable to the internet as a whole.
The SEEMail system is based on the common misconception that a totally insecure system can be made secure by adding one or two secure technologies to it.
It is highly dangerous to provide any type of connection between two electronic environments where one is inherently secure and the other is inherently insecure. As a whole, such a connected system remains highly insecure and that delivers a misleading impression or misconception that it is providing a secure service. SEEMail is an example of this and I cannot see any fundamental difference with SecMX.
Security is a system-wide concept and can only be guaranteed if the entire environment is consistent and managed as a whole. For an email system, there is no possibility of creating a secure system and at the same time use multiple delivery agencies and standard internet email delivery protocols. This is unconditional and must be understood before any proffered secure email solution is evaluated.
There is no such thing as security or legal certainty with postal mail. Again, there is a common misconception that there is.
Postal mail, as with normal email, is completely out of your control the moment you put it into the postal tray or press the send button on Outlook. With both postal mail and email you have no idea of the route taken, there is no guarantee it has not been tampered with in transit, and there is no guarantee of delivery to the actual intended recipient (both can, and do, get lost).