NPR : E-Mail Encryption Rare in Everyday Use
Peter Gutmann
pgut001 at cs.auckland.ac.nz
Mon Feb 27 01:23:36 EST 2006
Alex Alten <alex at alten.org> writes:
>What I really hated about it was that when fred at company.com sent me an email
>often I couldn't decrypt it. Why? Because his firm's email server decided
>to put in the FROM field "fred at server.company.com". Since it didn't match
>the email name in his X.509 certificate's DN it wouldn't decrypt the S/MIME
>attachment. This also caused problems with replying to his email. It took us
>hours, with several experimental emails sent back and forth, to figure out
>the root of the problem.
Something's getting lost in this description. What does the value in the
"From" field have to do with you decrypting a message? OTOH the mention of an
"attachment" indicates a detached S/MIME signature, which doesn't have
anything to do with encryption. If it is a signature, then the software
should verify it with the included cert and display that as the signer.
Please correct and resubmit.
Peter.
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list