[19159] in cryptography@c2.net mail archive
Re: X.509 / PKI, PGP, and IBE Secure Email Technologies
daemon@ATHENA.MIT.EDU (James A. Donald)
Thu Dec 8 11:05:37 2005
X-Original-To: cryptography@metzdowd.com
X-Original-To: cryptography@metzdowd.com
From: "James A. Donald" <jamesd@echeque.com>
To: cryptography@metzdowd.com
Date: Thu, 08 Dec 2005 00:24:35 -0800
In-reply-to: <439747F0.5070502@nma.com>
--
From: Ed Gerck <edgerck@nma.com>
> Depends on your use. An X.509 identity cert or a PGP
> cert can be made as secure as you wish to pay for.
Many users are already using MUAs that check signatures.
Why are phishing targets not already using signed mail?
I conjecture that this is because true names don't really address the
issue of true relationships. Does anyone have any market research
information as to why phishing targets generally send out plain mail?
--digsig
James A. Donald
6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG
CMjwBMx17XqegWEl4z+ZLdfTB+wFlQKrdm1516HH
4/HqDwhTaKRygswyOmR+oP41kfEhib7KJwyxDDq3p
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
