X.509 / PKI, PGP, and IBE Secure Email Technologies
James A. Donald
jamesd at echeque.com
Thu Dec 8 03:24:35 EST 2005
--
From: Ed Gerck <edgerck at nma.com>
> Depends on your use. An X.509 identity cert or a PGP
> cert can be made as secure as you wish to pay for.
Many users are already using MUAs that check signatures.
Why are phishing targets not already using signed mail?
I conjecture that this is because true names don't really address the
issue of true relationships. Does anyone have any market research
information as to why phishing targets generally send out plain mail?
--digsig
James A. Donald
6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG
CMjwBMx17XqegWEl4z+ZLdfTB+wFlQKrdm1516HH
4/HqDwhTaKRygswyOmR+oP41kfEhib7KJwyxDDq3p
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list