General discussion


TLS Legal Agreements / Contracts with Third Party

By TrevorEllis ·
One of the questions on my mind is the legal liability for the security of the contents of an email we send via TLS.

If we send someone a confidential email via TLS we can only verify the first hop is secure.

If they are using an anti-spam service, how do we know that they have arranged for a TLS connection for the final hop into their private network? How do we know if whether is through an enforced TLS link?

This will become more important as the UK Information Commissioner becomes aggressive over the disclosure of personal information.

I am wondering if anyone has published any agreement or contract between the two parties establishing responsibilities and liabilities.

This conversation is currently closed to new comments.

Thread display: Collapse - | Expand +

All Comments

Related Discussions

Related Forums