ietf-asrg
[Top] [All Lists]

Re: [Asrg] Re: 2. Uselessness of C/R

2004-01-28 16:49:22
Hallam-Baker, Phillip wrote:
Beside regular C/R without Turing tests, I am not aware of something that can do the same thing without changing something in the underlying email architechture. The whole advantage of C/R is that it does not require anything to be changed, but annoys end-users. If you can list some other alternatives that can verify the return address, that would be helpful.


S/MIME does not require a change to the email architecture:-)

The issue here is deployment. An individual can deploy C/R without any deployment dependencies on any other party.

That is only a show stopper if you are not in a position to influence
the deployment of a new architecture for a substantial fraction
of the Internet.


While we are on the topic of S/MIME: currently majority of MUAs have S/MIME support built-in including root certificates. Why is that no banks or financial companies that are suffering from "phishing" attacks, consider signing their email via S/MIME?

Yakov
-------
Yakov Shafranovich / asrg <at> shaftek.org
SolidMatrix Technologies, Inc. / research <at> solidmatrix.com
"And this too shall come to pass"
-------


_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg



<Prev in Thread] Current Thread [Next in Thread>