[AusNOG] iron secure email service
Scott Howard
scott at doc.net.au
Wed May 18 14:45:03 EST 2016
Close but not quite. CRES (Cisco Registered Envelope Service) is basically
the cloud version of this, run by Cisco. What BoA is using is the older
on-prem version which is no longer sold but is fundamentally the same thing
only without using Cisco servers, although I don't think that was ever sold
under the Cisco brand (it was originally PostX, and then later IronPort
when it was acquired).
It's been many years since I've sold/supported PostX/IronPort, but at the
time the Java stuff was only required if you were attaching files,
otherwise it could use Javascript (in which case the message was decrypted
locally), or just straight HTML (message decrypted on the server so it was
slower).
As for why people do this, in many areas it's mandatory that certain email
is encrypted. TLS generally does NOT meet the requirements (as you can only
guarantee it's encrypted for the first hop, not later hops or in storage).
Solutions like PXE, Voltage, ProofPoint Encryption and others generally do
meet the letter of the regulations - even if they really aren't good
"encryption" in any sense of the word...
Scott
On Tue, May 17, 2016 at 5:18 PM, Brad Peczka <brad at bradpeczka.com> wrote:
> Not new. From memory, has been marketed for some time as the "Cisco
> Registered Envelope Service", designed to facilitate delivery of encrypted
> messages to clients outside the sending organisation.
>
> Java is a bit naff, but Cisco seem unable to develop a product UI without
> it.
>
> Regards,
> -Brad.
>
> ________________________________________
> From: AusNOG [ausnog-bounces at lists.ausnog.net] On Behalf Of Alex Samad -
> Yieldbroker [Alex.Samad at yieldbroker.com]
> Sent: Wednesday, 18 May 2016 7:57 AM
> To: ausnog at lists.ausnog.net
> Subject: [AusNOG] iron secure email service
>
> Hi
>
> Any one come across this. Is this a new trend.
>
> One of my users has an email from BAML (Bank of america). have to go
> to a BAML website create username and password and look at the email
> via a browser (or a java app by the looks of things)
>
> A worrying trend if all emails are going this way...
>
> Wonder what others have seen / heard of
>
> A
> _______________________________________________
> AusNOG mailing list
> AusNOG at lists.ausnog.net
> http://lists.ausnog.net/mailman/listinfo/ausnog
> _______________________________________________
> AusNOG mailing list
> AusNOG at lists.ausnog.net
> http://lists.ausnog.net/mailman/listinfo/ausnog
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20160517/7049484a/attachment.html>
More information about the AusNOG
mailing list