Viewing a single comment thread. View all comments

ColgateSensifoam t1_j0s3e0a wrote

Email is rarely authenticated, let alone encrypted

8

edman007 t1_j0sxuio wrote

Nah, it's mostly encrypted now. The issue is the way the encryption works they can't use the key the server sent it with in the client. The receiving sercyer has to have key.

If you want end to end encryption you need to use PGP or s/mime

3

uzlonewolf t1_j0suw6z wrote

Eh, the connections to and between servers are usually encrypted with TLS, just like websites, so it's not like it's completely plain-text either.

2

alphafalcon t1_j0tsk7q wrote

Yeah, usually... But the default fallback mechanism for "I can't connect via TLS/the certificate doesn't match/is expired/something is wrong" is either to ignore the invalid certificate or fall back to plain text.

It's better that directly sending plaintext but only marginally.

2