[17268] in cryptography@c2.net mail archive
Re: Citibank discloses private information to improve security
daemon@ATHENA.MIT.EDU (Matt Crawford)
Mon May 30 18:21:31 2005
X-Original-To: cryptography@metzdowd.com
X-Original-To: cryptography@metzdowd.com
Date: Fri, 27 May 2005 11:33:47 -0500
From: Matt Crawford <crawdad@fnal.gov>
In-reply-to: <4296144C.7020302@nma.com>
To: cryptography@metzdowd.com
Cc: Ed Gerck <edgerck@nma.com>
On May 26, 2005, at 13:24, Ed Gerck wrote:
> A better solution, along the same lines, would have been for Citibank
> to
> ask from their account holders when they login for Internet banking,
> whether they would like to set up a three- or four-character
> combination
> to be used in all emails from the bank to the account holder.
Why couldn't they just use digitally signed S/MIME email? I'm sure
that works just as well as signed SSL handshakes.
Oh. Answered my own question, didn't I?
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com