[79484] in cryptography@c2.net mail archive
Re: Failure of PKI in messaging
daemon@ATHENA.MIT.EDU (Ed Gerck)
Thu Feb 15 09:28:25 2007
Date: Tue, 13 Feb 2007 22:10:09 -0800
From: Ed Gerck <edgerck@nma.com>
To: cryptography@metzdowd.com
In-Reply-To: <20070214043253.60664.qmail@simone.iecc.com>
John Levine wrote:
> The great thing about Internet e-mail is that
> vast numbers of different mail systems that do not know or trust each
> other can communicate without prearrangement.
That's not banking. Banks and their clients already have a trusted
relationship. The bank's webmail interface leverages this to provide
a trust reference that the user can easily verify (yes, this is my
name and balance). That's why it works, and that's what is missing
in the bank PKI email model -- what's that relationship buying you?
Email for banks should thus leverage the relationship, rather than
present an ab initio communication.
> It's hard to see any
> successful e-mail system in the future, secure or otherwise, that
> doesn't do that, since Internet mail killed all of the closed systems
> that preceded it.
It is not true that you can't secure first communications. It is just
harder and _not_ necessary for banks (because the client already knows
the bank and vice versa).
Best,
Ed Gerck