NHS email encryption

Dave Howe ukcrypto at chiark.greenend.org.uk
Tue, 28 Aug 2007 22:38:28 +0100


Ian G Batten wrote:
> since the year dot.  I don't think it's totally unreasonable to refuse 
> opportunistic encryption from people using self-signed certificates: to 
> the eyes of the uninitiated SSL in that situation appears to offer 
> authentication when in fact it only offers some measure of confidentiality.

I don't see how that can really be an issue; the NHSNet server doesn't 
need to be sure that servers sending data *to* it are legitimate, as it 
doesn't (or shouldn't) care who talks to it. Clients *should* wish to be 
sure that the server they are talking to really is from NHSNet, just in 
case there is a MitM attack in progress, but even then, a self-signed 
TLS certificate has got to be better than sending completely unencrypted 
(if nothing else, it forces use of a MitM attack instead of just passive 
sniffing of the traffic).

As a partial aside - has any CA in the history of SSL certification 
ever had to pay or offered to pay compensation after mistakenly issuing 
certificates to someone not entitled to them?


> My memory is that it wouldn't accept my signed-by-a-self-signed-CA 
> certificates, unlike IanM's experience, but it was a long time ago that 
> I bumped into this problem.

Most TLS certificates are self-signed or signed by company/internal CAs. 
Commercial CA certificates are the exception rather than the rule (I am 
surprised CAs don't push that particular marketing line more, but they 
don't seem interested in TLS certs, just webserver ones)