Free Republic
Browse · Search
News/Activism
Topics · Post Article

To: palmer

Fake tokens was a bad way to put it - I was thinking about the alt tokens that admins have, but those aren’t linked to email.

Each email account has a set of keys, one public, one private. The public keys are published with the address listings. All the private keys are centrally (securely*) stored by the issuing authority. You might have a password on your Outlook pst folder, but that’s the extent of the protection. (It’s probably something easily cracked.)

Someone might have two current sets of keys - they might have one set for a personal account and one set for an organizational account. Or they might know someone who will set up a bogus account for them, but if they got a set of encryption keys, those keys are centrally held and if the court wants to know what’s in the emails, there is a hight probability they can find out.

My guess is they thought they were cute enough by having the second account and didn’t even bother with the keys, but that’s just my guess.


36 posted on 11/19/2012 9:34:10 PM PST by Gil4 (Progressives - Trying to repeal the Law of Supply and Demand since 1848)
[ Post Reply | Private Reply | To 34 | View Replies ]


To: Gil4
All the private keys are centrally (securely*) stored by the issuing authority

No. Typically the private key is generated in your browser and the certificate authority signs the public key in a cert request. There are other authentication schemes where a server keeps a private key and sends it to your email client when it is needed, but are not standard PKI.

If you decide to buy an email cert from verisign or someone else, they do not ever touch or see your private key.

37 posted on 11/20/2012 2:11:21 AM PST by palmer (Jim, please bill me 50 cents for this completely useless post)
[ Post Reply | Private Reply | To 36 | View Replies ]

Free Republic
Browse · Search
News/Activism
Topics · Post Article


FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson