[Cryptography] Well Known Bad Idea: ask users to make security decisions, or If you *work* for Apple, please update your email software

John Levine johnl at iecc.com
Sun Oct 5 15:11:55 EDT 2025


It appears that Kent Borg <kentborg at borg.org> said:
>
>On 10/4/25 5:24 PM, Jerry Leichter wrote:
>> For *legitimate* mail messages, the display name is something that actually makes sense to a human being, while the email address
>typically is often something pretty meaningless.
>
>If major players such as Apple displayed the actual e-mail address 
>(maybe correlated with whether the sending machine was consistent), 
>mailers would maybe learn to behave themselves and make that useful 
>information. (And the mailer services would see their business hurt.)

Aw, come on. For the first three decades or so, mail programs all showed the
address and it made no practical difference. This isn't a guess, there is a lot
of research and experience. For anyone who actually cares about this, the USENET
SOUPS conference proceedings are a good place to start.


>I have to comment that I hate the updated subject line.

I'm not surprised but I have to say that this argument has just reinforced my
point. People who have no experience with security human factors make assertions
that have repeatedly been shown not to be true. Repeating them more times won't
change that.

I don't claim any great expertise in this area but I have tried to read papers
from people who do.

R's,
John

PS:

"maybe correlated with whether the sending machine was consistent"

That would be SPF. It turns out not to work because sending machines are shared
and you can't tell from an IP address which of several thousand customers it
might be. If you are telling Google and Microsoft to give each of their hosted
mail customers a separate IP, well, good luck with that.
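
As an added illustration of the PS above (this is editorial example code, not part of the original message): a toy SPF evaluator run over constructed, offline records for a hypothetical hosted-mail provider ("hostedmail.example") and two of its customers. Every domain, IP and record below is made up. Both customer domains simply `include:` the provider's record, so an SPF pass for a message from one of the provider's outbound IPs establishes only that the IP belongs to the provider's pool, not which of its customers sent the message.

```python
import ipaddress

# Constructed stand-in for DNS TXT lookups so the example runs offline.
# Every name, address and record here is made up; "hostedmail.example" plays
# the role of a large shared provider whose outbound IPs serve many customers.
DNS_TXT = {
    "_spf.hostedmail.example": "v=spf1 ip4:203.0.113.0/24 ip4:198.51.100.0/25 -all",
    "alice-corp.example": "v=spf1 include:_spf.hostedmail.example -all",
    "bob-corp.example": "v=spf1 include:_spf.hostedmail.example -all",
    "selfhosted.example": "v=spf1 ip4:192.0.2.25 -all",
}

RESULT_FOR_QUALIFIER = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}


def spf_check(domain, ip, depth=0):
    """Toy SPF evaluator: returns pass/fail/softfail/neutral/none/permerror.

    Handles ip4/ip6 (with or without a CIDR length), include, and all.
    Other mechanisms (a, mx, exists, redirect, macros) are skipped; this is
    an illustration, not a replacement for a real SPF library.
    """
    if depth > 10:
        return "permerror"  # guard against include loops / runaway recursion
    record = DNS_TXT.get(domain)
    if record is None or not record.lower().startswith("v=spf1"):
        return "none"
    addr = ipaddress.ip_address(ip)
    for term in record.split()[1:]:  # skip the "v=spf1" version tag
        qualifier = "+"
        if term[0] in "+-~?":
            qualifier, term = term[0], term[1:]
        mech, _, arg = term.partition(":")
        mech = mech.lower()
        if mech in ("ip4", "ip6"):
            # An address of the other IP version is simply not contained.
            matched = addr in ipaddress.ip_network(arg, strict=False)
        elif mech == "include":
            # include matches only if the referenced domain's policy says pass.
            matched = spf_check(arg, ip, depth + 1) == "pass"
        elif mech == "all":
            matched = True
        else:
            continue  # unsupported mechanism in this toy
        if matched:
            return RESULT_FOR_QUALIFIER[qualifier]
    return "neutral"  # no mechanism matched and no explicit "all"


def domains_passing(ip):
    """Which of the known sender domains would SPF accept this sending IP for?"""
    return sorted(
        d for d in DNS_TXT if not d.startswith("_") and spf_check(d, ip) == "pass"
    )


if __name__ == "__main__":
    shared_ip = "203.0.113.10"  # one host in the provider's shared outbound pool
    print("SPF pass for", shared_ip, "->", domains_passing(shared_ip))
    # -> ['alice-corp.example', 'bob-corp.example']
    # The IP alone cannot tell the receiver which customer sent the message.
```

Run it and the shared IP passes for both customers, while the self-hosted domain with its own dedicated address fails for that IP and passes only for its own. That is the practical limit of "is the sending machine consistent": a single IP is consistent with every customer of the provider that owns it.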

