Plus, mail-savvy users will know that authentication can take place on *sending* mail, not just *receiving* mailboxes. The mail app doesn't support encrypted SMTP, either on the traditional port 465, or using the STARTTLS command. This feature is present in ALL real mail clients out there today except Mail.app. It is foolish to assure users that their passwords are safe this may not be the case.

On a broader note, I have to emphatically disagree with the statement that apple is warm to encryption technologies. If apple were serious about encryption, as the author suggests, then they would be supporting transport level encryption options like IPsec, a standard part of the IPv6 networking stack which is conspicuously absent from MacOS X. IPsec supports host-to-host and gateway-to-gateway encryption (VPNs), which many favour as the long-term solution for encryption on the net.

For heaven's sakes, you can't even mount a webdav fileserver using https on this operating system.

While I'm enjoying having NEXTSTEP back, I for one won't be doing any encryption dances until IPsec is standard in the operating system.

Colin Henein