So I have a business-friend that when I tried rubbing it in his face (he doesn’t care about privacy, and loves handing all his stuff to Microsoft) that I created a secure mail server on my own box, he threatened to sue me for not following “best practice”. He’s supposed to be a mentor, so he told me that would teach me a lesson about “privacy comes at a cost” and about real business security.
Anyways, I haven’t thrown anything important on my mail server, so I’m not too afraid at this stage. We carried on a conversation about mail security and other stuff, but he brought up a good security topic I wanted to talk about.
So there is “data in motion” and “data at rest”. Data in motion is like when Transport Layer Security secures your data from/to servers/clients. However, securing data at rest was interesting for mail security. He said something about–he does government systems, so I expect him to be working on over-secure systems–PKI signing and encrypting/decrypting on the client and stuff. If an organization hasn’t added a certificate to their list of certificate authorities on a business desktop computer, then the client cannot view the email.
I wanted to ask how I could play around with securing data at rest with my MIAB box and on my Ubuntu desktop on my Thunderbird mail client.