> The *real* problem is that digital signatures for E-mail work in > *exactly the same way* and provide *the same protection* as SSL does > for the Web.
> Yes, that's the problem, not the solution statement. It's also wrong. SSL is an interactive protocol; signed email isn't. SSL uses certs and the CA chains they imply. Some digital signature schemes for email do, perhaps, but some don't; it certainly is not inherent in "digital signatures for E-mail". SSL provides secrecy; signed email doesn't. (Encrypted email does, but you said "digital signatures".) To name just three. /~\ The ASCII der Mouse \ / Ribbon Campaign X Against HTML [EMAIL PROTECTED] / \ Email! 7D C8 61 52 5D E7 2D 39 4E F1 31 3E E8 B3 27 4B _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
