Video Screencast Help

Encryption Server to decide PGP or TLS (mail) encryption

Created: 04 Jul 2013 | 3 comments
VRSM's picture

Hi all.

I've just been asked if the Encryption Server is able to "decide" if PGP or TLS encryption should be applied. Scenario is that normally all mails are PGP encrypted, however it is required for a few external parties not to apply PGP encryption but TLS encryption (gateway2gateway). 

AFAIK, the Encryption Server is not able to "moderate" or make this decision, it has to be an external agent, let's say the mail server just before sending the mail to the Encryption Server OR a MTA which receives, PGP encrypted or not (depending on the mail policies), the mail coming from the Encryption Server.

Anyone  experience with such scenario?

Thanks.

Operating Systems:

Comments 3 CommentsJump to latest comment

Alex_CST's picture

TLS and PGP are 2 different things.

TLS encrypts the actual transport of the email, whereas PGP encrypts the content itself.  That means that the 2 will not actually interfere with eachother.  Things will only go wrong when the actual email itself is being encrypted more than once

Please mark posts as solutions if they solve your problem!

http://www.cstl.com

VRSM's picture

Alex_CST, thanks for your input. My question would be more oriented on the capabilities of the Symantec Encryption Management Server to apply TLS and decide whether to use TLS or PGP encryption depending on the recipient.

Scenario:

* Company A has the Encryption Server and uses it for mail encryption.

* For exchanging mail with company B it uses PGP encryption.

* For company C it should use TLS encryption.

Is the Encryption Server capable decide if mail goes to company B use PGP encryption, if it goes to company C, apply TLS encryption?

Alex_CST's picture

The UN will initiate TLS connections when requested or forced to I believe, even if the email in question doesn't need to be encrypted by PGP.

Please mark posts as solutions if they solve your problem!

http://www.cstl.com