Citibank discloses private information to improve security

Ed Gerck edgerck at nma.com
Fri May 27 13:16:17 EDT 2005


Wells Fargo reported to me some time ago that they tried using digitally
signed S/MIME email messages and it did not work even for their _own employees_.

Also, in an effort to make their certs more valuable, CAs have made digitally
signed messages imply too much -- much more than they warrant or can even represent.
There are now all sorts of legal implications tied to PKI signatures, in my opinion
largely exaggerated and casuistic.

If someone forges a digitally signed Citibank message, or convincingly spoofs
it, the liability might be too large to even think of it.

Using a non-signed codeword that the user has defined beforehand allows the
user to have a first proof that the message is legitimate. Since the user
chooses it, there is no privacy concern or liability for the bank. Of course,
here trust decreases with time -- a fresh codeword is more valuable. But if
the user can refresh it at will, each user will have the security that he wants.


Matt Crawford wrote:
> On May 26, 2005, at 13:24, Ed Gerck wrote:
> 
>> A better solution, along the same lines, would have been for Citibank to
>> ask from their account holders when they login for Internet banking,
>> whether they would like to set up a three- or four-character combination
>> to be used in all emails from the bank to the account holder.
> 
> 
> Why couldn't they just use digitally signed S/MIME email?  I'm sure that 
> works just as well as signed SSL handshakes.
> 
> 
> Oh.  Answered my own question, didn't I?

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com


