[Cryptography] Explaining PK to grandma

Richard Clayton richard at highwayman.com
Wed Nov 27 10:03:19 EST 2013


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

In message <529555B8.9060805 at echeque.com>, James A. Donald
<jamesd at echeque.com> writes

>We know in principle how to implement email such that the from field works, 
>at least to the extent that if it appears to come from 
>example at example.com, 

The DMARC folks would argue that they already have a deployed
scheme for doing this in _practice_, which now protects a very high
proportion of mailboxes.

>that proves that the sender can receive, or 
>intercept, mail sent to example at example.com.
>
>Fixing email so that the from field works is easy.  It should have been 
>done.  It would not stop phishing, but would put a big crimp in it.

DMARC already changes how phishing must be done -- people argue that it
is therefore easier to spot. I know of no quantitative work to
demonstrate that the world is now a safer place.

- -- 
richard                                              Richard Clayton

They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety.         Benjamin Franklin

-----BEGIN PGP SIGNATURE-----
Version: PGPsdk version 1.7.1

iQA/AwUBUpYJt+INNVchEYfiEQKXvQCfSDaipVmns7Qnfpyx5l6dNXh6OW4An1eZ
HUayBV+Tv/k6aM2nmAR9KZyq
=gwRZ
-----END PGP SIGNATURE-----

