Failure of PKI in messaging

James A. Donald jamesd at
Thu Feb 15 17:41:05 EST 2007

Ed Gerck wrote:
 > That's not banking. Banks and their clients already
 > have a trusted relationship. The banks webmail
 > interface leverages this to provide a trust reference
 > that the user can easily verify (yes, this is my name
 > and balance). That's why it works, and that's what is
 > missing in the bank PKI email model -- what's that
 > relationship buying you?
 > Email for banks should thus leverage the relationship,
 > rather than present an ab initio communication.

Hence my proposal for a single sign on and messaging
system resembling IM buddy lists - the computer tracks
relationship information, rather than true name

          James A. Donald

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at

More information about the cryptography mailing list