> Does this mean the WH isn’t encrypting ANY of its emails?
>> Use of encrypted email was prohibited because there ryas no
>> facility to manage records retention of encrypted email.

Which doc was that taken from? I wonder if it’s an ignorant commment (by whoever made it) or fact. If the later, it suggests to me incompetance rather than design (feature!!!). Centralized “signing” of email (eg. 3rd party “trusted” signing/encoding/decoding provided by companies such as RSA/Verisign for SSL/TLS email encryption) for “groups” or dedicated servers is now well established so far as retaining system wide administrator retention of required “keys” for decoding.

Put simply, this means a secure, centralized repository (database) of encryption passwords & keys for given email server(s) which would enable the decoding of any mail sent from any account on said server(s) by an authorized administrator. I can’t site a specific post, but tech issues relevant to just this kind of implementation were discussed in detail in Bruce Schneier’s blog. (Schneier’s books are cryptography 101 for computer professionals doing this security/encryption etc.). He actually released on open source, secure encrypted database for just this kind of thing that has been a model used widely for this “stuff”.

Beyond that, implementing what’s called “self-signing”… meaning having one’s own email server equipped with necessary validation procedures to handle all the RSA stuff, is widely used these days. It eliminates cost (RSA too pricey for many small startups, and unnecessary as well AFAIC), is as secure as RSA (or any other 3rd party “signer”), and makes it easy to centralize retention of all passwords/keys that would be necessary to establish a “facility to manage records retention of encrypted email”. All this “stuff” is integral part of my programming toolset, and something I’ve done a lot of for various HIPAA email.

If I’m Dick Cheney, and I tell architects of WH email system I want full administrative control to delete any records, any time, then I’d build an EXCHANGE server similiar to what these hearings (especially McDevitt’s charactarizations: system wide PST access) reveal as implementation. It also makes me thing that if indeed expunging records was integral, any encryption might be considered both unnecessary and also a hindrance when examining email that needed to be scrubbed.

There is the “separate” email system used by all the folks on the National Security Council staff (and those who communicate with the NSC folks like Rove to Hadley for example *g*) which is operated by the WHCA – White House Communications Agency.

The WHCA is 90% staffed by active duty military folks – predominately Army with something like 55% of the slots.

The WHCA does journals/archives/backups of their Exchange Server email system.

MD, can you give me a source for all that?

There is even an open question in my mind as to whether the WHCA folks secretly backup the OA Exchange Server email system.

This is one of the big problems probing through smokescreens of lies: leads to guesswork, however well founded, and ensuing uncertainty.

So anyone on the net could have archived all the traffic that was being generated (probably vetted to avoid all the web-based crap) if they were determined to do so, without having any access to the servers. Access to the servers just lets people with no particular expertise in networking play god with the email records.

The only qualifying credential I can see is that bit about Immaculata College — was she an authoritarian adherent? Was she always someone who’d ask How high, sir? whenever asked to jump? Yeah, I can see DeadEye and Co. digging on that attribute.

…In June 2002, Immaculata College received confirmation of university status from the Pennsylvania Department of Education. Effective August 2002, the college is now known as Immaculata University.

re kspena @72

Q:

Did the White House ever inform the National Archives of the results of your analysis?

A:

I received a number of inquiries from [NA]and in each case I redirected their inquires to the White House. I was very clear to [NA] that I was directed not to share information with them.

Bob in HI