http://michaelsthoughts.disqus.com/enSun, 26 Oct 2008 16:32:35 -0000http://www.michaelridley.info/2008/04/18/firegpg-firefox-plugin-for-gnupg/#comment-3312948<p>Although I will admit to being a bit late in hearing about it, the revelation that Hushmail will roll over and provide decrypted e-mails when presented with a court order (as published in November 2007) makes them or any service that has custody of your private key suspect and vulnerable to LEO access. Since IBE *relies* on a third-party server providing the private key to allow decryption of the e-mail, it is NOT secure. IMO, it's probably *less* secure than Hushmail, which *admits* that they are subject to and will comply with court orders.</p><p>Voltage may have the best of intentions, but I have issues with the IBE model they are selling. PGP/GPG, while a bit more difficult to set up, you are the only one that should have access to your private key *and* the passphrase required to decrypt or sign messages. And you're right, you can't make people use PGP/GPG. Like the old saying goes, "You can lead a horse to water, but you can't make it drink."</p>PaulSun, 26 Oct 2008 16:32:35 -0000http://www.michaelridley.info/2008/04/18/firegpg-firefox-plugin-for-gnupg/#comment-3161995<p>Not everyone uses GPG or PGP...and you cannot make them use it. That's why it's NOT easy to use. Solutions like Voltage SecureMail allows you to send encrypted messages to anyone using Identity Based Encryption (IBE), the next generation of PKI.</p><p>See <a href="http://www.voltage.com/vsn" rel="nofollow noopener" target="_blank" title="http://www.voltage.com/vsn">http://www.voltage.com/vsn</a> to try it for yourself.</p><p>You can use it with Firefox, IE, Safari...any browser...</p><p>Messages are in control of the sender and the recipient...never stored on the service.</p>DougMon, 21 Apr 2008 19:28:23 -0000