Due to the fact that I have stumbled over a lot of PKI stuff in relation to
email
messages lately, I wonder how widely deployed PKI mechanisms will affect the
security
of the messages in a negative way.
Will PKI lead to more problems than it helps to solve?
Just think of virus scanning ... no scanner can check a message that is
encrypted with e.g. the public key of the recipient unless it knows the
corresponding private key.
Wider deployment of PKI will have viruses and spammers make advantage of
such information (probably stored on the infected host) and will disable
the scanners to scan/analyze the messages.
This will, however, increase the number of infected hosts, as e.g. ISPs will
not be able to scan the mailboxes or the transport traffic of their customers.
So the customers have either to run update AV software of their own (which we
know they don't) or we will have a massive increase of infected hosts.
What do you think?
\Maex
--
SpaceNet AG | Joseph-Dollinger-Bogen 14 | Fon: +49 (89) 32356-0
Research & Development | D-80807 Muenchen | Fax: +49 (89) 32356-299
"The security, stability and reliability of a computer system is reciprocally
proportional to the amount of vacuity between the ears of the admin"
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg