Citibank discloses private information to improve security
Matt Crawford
crawdad at fnal.gov
Fri May 27 12:33:47 EDT 2005
On May 26, 2005, at 13:24, Ed Gerck wrote:
> A better solution, along the same lines, would have been for Citibank
> to
> ask from their account holders when they login for Internet banking,
> whether they would like to set up a three- or four-character
> combination
> to be used in all emails from the bank to the account holder.
Why couldn't they just use digitally signed S/MIME email? I'm sure
that works just as well as signed SSL handshakes.
Oh. Answered my own question, didn't I?
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list