Educause Security Discussion mailing list archives

Re: [Spam:5.9 SpamScore] Re: [SECURITY] Please print and post -


From: Valdis Kletnieks <Valdis.Kletnieks () VT EDU>
Date: Tue, 12 Oct 2010 12:56:37 -0400

On Tue, 12 Oct 2010 12:31:10 EDT, Eme Ejike said:

> This brings me to the main point.....Mail Signing or simply some sort of
> message hash validation.

PGP and S/MIME signatures have both been available for a *long* time (the PGP
key this mail is signed with is over a decade old, I have another key from
1994).  However, that only provides authentication - it does *not* address the
more troublesome issue of authorization.  The fact that my mail is PGP-signed
and thus presumably from me, doesn't actually tell you what you *wanted* to
know - is this a mail that is actually safe to open and read (many will say no,
as my mail tends to raise their blood pressure to dangerous levels. :)

Equally a problem is that in a software ecosystem where an estimated 140
million machines are compromised, it's hard to validate that the actual user
did the signing, as opposed to software with stolen credentials. (The technical
reason is that a valid signature doesn't prove the user and the data were in
the same place at the same time, it proves that the secret key and the data
were together).  Unfortunately, there's no really good way to address this
unless you use a hardware smart card or token or other 2-factor system.

And given that we've totally failed in explaining to users what that little
padlock in the corner of their browser screen *really* means, I despair of
non-security folk understanding the concept for e-mail.

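The key-versus-user point above can be shown in a few lines of code. The following is an added example, not code from the original mail or from the list: it uses textbook RSA over a SHA-256 digest with no padding (insecure, chosen only because it is short and self-contained), constructed sample messages, and a hypothetical attachment policy. It demonstrates that a signature made by malware holding a stolen key verifies exactly like one made by the key's owner, and that "is this safe to open" is a separate authorization decision the signature cannot answer.

```python
"""Added example: a signature binds the KEY to the data, not the person.

Textbook RSA with no padding -- NOT secure, illustrative only. Names
(alice, the policy dict) and the messages are constructed for the demo.
"""
import hashlib
import random


def _is_probable_prime(n, rounds=32):
    """Miller-Rabin primality test (probabilistic)."""
    if n < 2:
        return False
    for p in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29):
        if n % p == 0:
            return n == p
    d, s = n - 1, 0
    while d % 2 == 0:
        d //= 2
        s += 1
    for _ in range(rounds):
        a = random.randrange(2, n - 1)
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def _random_prime(bits):
    """Return a random probable prime with exactly `bits` bits."""
    while True:
        cand = random.getrandbits(bits) | (1 << (bits - 1)) | 1
        if _is_probable_prime(cand):
            return cand


def generate_keypair(bits=512):
    """Return (public, private) as ((n, e), (n, d)). Toy sizes, toy scheme."""
    e = 65537
    while True:
        p, q = _random_prime(bits // 2), _random_prime(bits // 2)
        phi = (p - 1) * (q - 1)
        if p != q and phi % e != 0:
            break
    d = pow(e, -1, phi)  # modular inverse, Python 3.8+
    return (p * q, e), (p * q, d)


def _digest_int(message: bytes) -> int:
    return int.from_bytes(hashlib.sha256(message).digest(), "big")


def sign(private_key, message: bytes) -> int:
    """Whoever holds `private_key` can produce this; the key, not a human, signs."""
    n, d = private_key
    return pow(_digest_int(message) % n, d, n)


def verify(public_key, message: bytes, signature: int) -> bool:
    """True iff `signature` was made over `message` with the matching private key."""
    n, e = public_key
    return pow(signature, e, n) == _digest_int(message) % n


# Authorization is a separate decision. Hypothetical policy: which verified
# senders are allowed to send executable attachments at all.
EXEC_EXTENSIONS = (".exe", ".scr", ".bat", ".com")


def authorize(sender: str, attachments, policy: dict) -> bool:
    """Policy check applied AFTER a signature verifies; the signature says nothing here."""
    may_send_exec = policy.get(sender, False)
    return all(may_send_exec or not name.lower().endswith(EXEC_EXTENSIONS)
               for name in attachments)


def demo():
    """Owner and malware sign with the same key; verification cannot tell them apart."""
    alice_pub, alice_priv = generate_keypair()

    # Constructed sample: Alice's genuine mail, signed at her keyboard.
    benign = b"Subject: Please print and post\n\nSee the attached notice."
    benign_sig = sign(alice_priv, benign)

    # Constructed sample: malware on Alice's compromised machine reuses the key.
    malicious = b"Subject: Please print and post\n\nOpen invoice.exe now."
    malicious_sig = sign(alice_priv, malicious)

    return {
        "benign_verifies": verify(alice_pub, benign, benign_sig),
        "malicious_verifies": verify(alice_pub, malicious, malicious_sig),
        "tampered_rejected": not verify(alice_pub, benign + b"!", benign_sig),
    }


if __name__ == "__main__":
    print(demo())
    print(authorize("alice", ["notice.pdf"], {}), authorize("alice", ["invoice.exe"], {}))
```

Both signatures verify because verification only proves that the private key and the data were together, which is exactly the gap a hardware token (key never leaves the device, user presence required) is meant to close; `authorize` is the kind of policy layer that has to exist on top, since no signature format carries "this is safe to open".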
