[148303] in cryptography@c2.net mail archive
Re: [Cryptography] Explaining PK to grandma
daemon@ATHENA.MIT.EDU (Richard Clayton)
Wed Nov 27 14:25:02 2013
X-Original-To: cryptography@metzdowd.com
Date: Wed, 27 Nov 2013 15:03:19 +0000
To: jamesd@echeque.com
From: Richard Clayton <richard@highwayman.com>
In-Reply-To: <529555B8.9060805@echeque.com>
Cc: cryptography@metzdowd.com
Errors-To: cryptography-bounces+crypto.discuss=bloom-picayune.mit.edu@metzdowd.com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
In message <529555B8.9060805@echeque.com>, James A. Donald
<jamesd@echeque.com> writes
>We know in principle how implement email such that the from field works,
>at least to the extent that if it appears to come from
>example@example.com,
The DMARC folks would argue that they have already have a deployed
scheme for doing this in _practice_, which now protects a very high
proportion of mailboxes
>that proves that the sender can receive, or
>intercept, mail sent to example@example.com.
>
>Fixing email so that the from field works is easy. It should have been
>done. It would not stop phishing, but would put a big crimp in it.
DMARC already changes how phishing must be done -- people argue that it
is therefore easier to spot. I know of no quantitative work to
demonstrate that the world is now a safer place.
- --
richard Richard Clayton
They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety. Benjamin Franklin
-----BEGIN PGP SIGNATURE-----
Version: PGPsdk version 1.7.1
iQA/AwUBUpYJt+INNVchEYfiEQKXvQCfSDaipVmns7Qnfpyx5l6dNXh6OW4An1eZ
HUayBV+Tv/k6aM2nmAR9KZyq
=gwRZ
-----END PGP SIGNATURE-----
_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography