| 1 |
Rich Freeman wrote: |
| 2 |
> On Thu, May 23, 2019 at 12:49 PM Mick <michaelkintzios@×××××.com> wrote: |
| 3 |
>> On Thursday, 23 May 2019 16:40:23 BST Dale wrote: |
| 4 |
>>> Howdy, |
| 5 |
>>> |
| 6 |
>>> I'm trying to get some legal work done. I'm trying to do this over |
| 7 |
>>> email with a lawyer. For obvious reasons, I want to do this encrypted |
| 8 |
>>> but suspect they are not set up for this. |
| 9 |
>> Have you asked them? If they have some setup they use to ensure client |
| 10 |
>> confidentiality and data privacy, you'd be much better off to jump onto their |
| 11 |
>> system, rather than trying to negotiate the configuration of PGP and S/MIME |
| 12 |
>> with legal staff who may have zero technical capability and poor/uncooperative |
| 13 |
>> IT support. |
| 14 |
> ++ |
| 15 |
> |
| 16 |
> >From what I've seen these sorts of systems are usually just security |
| 17 |
> theater, such as emailing you a link to go to an SSL website to view |
| 18 |
> the "secure" message, never mind that somebody else could do the same |
| 19 |
> thing if they intercepted your email. But, it probably satisfies some |
| 20 |
> box-checker because the actual message is transmitted over SSL. |
| 21 |
> |
| 22 |
> I think this is probably the best you're going to do if you're not |
| 23 |
> communicating with people who get crypto, which is just about |
| 24 |
> everybody. |
| 25 |
> |
| 26 |
> Otherwise the rest of the email already covered some of the details. |
| 27 |
> You can just add multiple identities to a single GPG key or x509 |
| 28 |
> certificate, but if they aren't already using PKI/etc that seems like |
| 29 |
> a huge uphill battle. |
| 30 |
> |
| 31 |
> I think a corporate environment is much more likely to be using |
| 32 |
> S/MIME/etc than GPG. When I've seen these there is usually a central |
| 33 |
> CA that has some way to systematically assign certificates to |
| 34 |
> employees. Often this is only done on request. |
| 35 |
> |
| 36 |
> Law firms are also notoriously bad at IT from what I've seen. I know |
| 37 |
> a lawyer or two and many of these firms just let every partner do |
| 38 |
> things their own way, and their individual staff follow the partner's |
| 39 |
> lead. They're as bad as doctors, especially since the whole EMR thing |
| 40 |
> hasn't hit lawyers in the same way. |
| 41 |
> |
| 42 |
|
| 43 |
|
| 44 |
Well, I got a reply. They are not set up for encryption and don't seem |
| 45 |
to be interested in it either. There is only two of them, that I know |
| 46 |
of. It's a small town lawyer but I like the guy. Rare for me to like a |
| 47 |
lawyer. lol What I was hoping is to have two email address, one for |
| 48 |
each, but a single password. I couldn't find anything that showed that |
| 49 |
as doable so I thought I'd ask, out of curiosity if nothing else. |
| 50 |
|
| 51 |
I have to deal with a State entity for some communications and they do |
| 52 |
that send a link thing to go to a Cisco site to get/send emails. I |
| 53 |
guess it is somewhat better than just plain open email but as you point |
| 54 |
out, if they have the email with the link, they do the same as the |
| 55 |
intended recipient and get the encrypted email too. |
| 56 |
|
| 57 |
They are building a new cell phone tower but have not turned it on yet. |
| 58 |
They working on it tho. I'm hoping I'm not so close that I can't get a |
| 59 |
signal from it, umbrella effect I think it is called. Anyway, the best |
| 60 |
way to get me is email. Most of the time my cell has no signal. For |
| 61 |
that reason, I wish Lawyers, Doctors and some others would use some sort |
| 62 |
of secure messaging system so that I can do things without being snooped |
| 63 |
on. Sadly, other than the State entity mentioned above, no one else |
| 64 |
does this. To be honest, the only reason I set up encryption is that I |
| 65 |
have one friend who wants to do it that way and won't send emails unless |
| 66 |
they are. It doesn't matter what is in it either. Since I have it tho, |
| 67 |
I wish more would use it. There are times when I need to do things or |
| 68 |
even send attachments that I wouldn't want everyone seeing. I'm not |
| 69 |
sure why people who deal with sensitive info won't get some secure way |
| 70 |
of emailing. It's weird to me. |
| 71 |
|
| 72 |
At least I have my answer and learned a few other things as well. |
| 73 |
|
| 74 |
Thanks to all. |
| 75 |
|
| 76 |
Dale |
| 77 |
|
| 78 |
:-) :-) |
Archives