200 8.1 Safe communication: Messaging
8.1
Safe communication: Messaging
Two lovers stand in the bedroom gazing into each other's longing eyes.
They move toward the bed, their bodies pulling closer like a magnet and a
piece of iron. Their hearts thump like loudspeakers at a rock concert. Closer
they move to the point of serious communiqu6. Now, with lust in their
hearts, they exchange their x.509 certificates and send an encrypted message
of love.
Whew~that was hot! What intense communication? Fortunately, our
lovers practiced "safe communication." First they exchanged certificates and
then consummated their communication. In this case, they set up a secure
channel between themselves and established end-to-end privacy. This pro-
cess involved using the certificates to identify themselves, after which they
enabled SSL. And the data flowed in both directions. They lived happily
ever after and were totally safe from all bugs and viruses~that is, until one
of them said, "I love you." Oops. I just crashed my partner and wiped out
his/her hard drive. How can this be? All I did was forward the simple mes-
sage "I love you." What happened?
The moral of our story is ... love hurts. No, wait, that's not it. The real
lesson is that secure messaging is a battle against the elements, which
include the following:
Uninformed users
Foolhardy administrators
Premeditated attacks
Bad use of messaging resources
Limited implementation of messaging~that is, not enough resources
Messaging is one of the most important mission-critical applications of
the network era. For anyone who is not convinced, imagine shutting down
the messaging servers in your company for five days. What would happen?
The CIO would be inundated with complaints from the company's
employees~and even from customers and vendors~that the business was
inoperable without messaging capability. As we can see, messaging is critical
to doing good business.
Following are some of the components that comprise a messaging system:
E-mail systems
The ability to send a messages to multiple recipients

Get Internet Security now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.