NHS email encryption
Dave Howe
ukcrypto at chiark.greenend.org.uk
Sun, 26 Aug 2007 17:36:07 +0100
Adrian Midgley wrote:
> But the assertion made to us is that nhs.net mail gives us secure access
> to our mail (IE maintaining "end to end" encryption) from eg home, when
> we read it collecting it from/using the nhs.net servers which are
> provided for access to internal mail from outside.
I haven't had such an assertion made to me, but then, I am not an NHS
employee. I would be surprised though if their secure mail solution
involved you sending via TLS from their internet facing (MX record
target) server, rather than (eg) using RPC-over-HTTPS with
outlook/exchange, some sort of delivered app (such as a citrix
environment), or https webmail.
> Again, this sounds a) bizarre, and b) not unlikely. But it would
> suggest that certain specific promises were not being kept.
Wouldn't surprise me, either way. As an external company merely sending
email to NHSnet users, we couldn't even raise it is a ticket - we aren't
users of the mail system (other than sending mail to those who are,
obviously)