Encrypting e-mail in my definition would be encrypting the contents so only the recipients will be able to decrypt and read it. The context is administrators and and staff exchanging sensitive information like SSNs to perform the business of the university like making sure you are paid. Working with HR and Payroll types, this is a real issue for people doing their jobs. It will be a major project to get this working so all admin types are able to use it. It almost has to be seamless and work with all e-mail clients used on Campus. If not some folks may need to change e-mail clients and you know what the word change does to some folks. Yes there is the question of forwarding the e-mail and how do you handle the original message. I would assume encrypt the entire message to include the original so the new recipient could decrypt and read it. The other issue is how the e-mail is stored on both servers and local PCs. It should be store encrypted and only decrypted when read. That could eliminate some of the exposure we have of sensitive data on workstations. Rick John Valenti writes: > Rick, > > MSU's central email system has used encryption since the re-design of > a few years ago. POP, IMAP and the web interface all use encrypted > connections. > > The mail isn't encrypted on the mail servers, maybe that is what you are > asking about? I haven't seen a big need for that, at least in our > department. > > Perhaps this would be a good reason to suggest not forwarding email > to another system (or to keep all participants within mail.msu.edu). > > -John > LIR > I'm not aware of any e-mail systems encrypting locally stored e-mail messages. I know that Google doesn't from our presentation this week. Its true that we can transmit data to mail.msu.edu encrypted, and as you pointed out the weak point is the e-mail to e-mail server connections. It sounds like someone would like a PKI, public key infrastructure, for encrypting individual messages. Implementing a PKI for campus would be a large project to undertake. -Ed