RE: Good enough?


Hallam-Baker, Phillip writes:

Mass should behave in exactly the same way that S/MIME should, treat a
broken signature in EXACTLY the same way that an unsigned message is
treated.


We should note there is another case where you can say that
something is actually bad: when the signature verifies, but
the home domain doesn't authorize it. This is your
"phishing" case (or at least, it may be due to phishing).
In this case, I paint my messages up red so that I can see
that something looks suspicious. This is also interesting in
conjunction with a home domain policy which says "I sign
everything".

       Mike

<Prev in Thread]	Current Thread	[Next in Thread>
Good enough?, Hallam-Baker, Phillip Re: Good enough?, Tony Finch Re: Good enough?, John Levine RE: Good enough?, Hallam-Baker, Phillip RE: Good enough?, Tony Finch RE: Good enough?, Michael Thomas <= RE: Good enough?, Hallam-Baker, Phillip Re: Good enough?, Sam Hartman Re: Good enough?, Justin Mason RE: Good enough?, Tony Finch RE: Good enough?, Douglas Otis RE: Good enough?, Hallam-Baker, Phillip RE: Good enough?, Miles Libbey Re: Good enough?, Jim Fenton Re: Good enough?, Miles Libbey Re: Good enough?, David Mayne

Previous by Date:	Re: Want a BoF at IETF 62?, John Levine
Next by Date:	RE: Good enough?, Tony Finch
Previous by Thread:	RE: Good enough?, Tony Finch
Next by Thread:	RE: Good enough?, Hallam-Baker, Phillip
Indexes:	[Date] [Thread] [Top] [All Lists]