John Levine wrote:
In article <20200725194707.ga19...@rafa.eu.org> you write:
My bank - as I have already mentioned in this thread - S/MIME signs the
contents of their messages. ...
Where do you live? I've never heard of a bank here in North America doing that.
Here they barely undersstand SPF.
Was not that long ago we had to setup a tls-only postfix instance to
force two of California's largest financial institutions to stop sending
financial data in cleartext. To one of their credit the problem was
fixed within a few days after one long phone call. The other, one of
the US' largest brokerages, refused to use smtps or starttls for several
subsequent years. We still have a stack of paper statements 3+ inches
(80mm) high as a result.
It may seem odd that such large organizations with technically capable
staff wouldn't use all available encryption. Odd perhaps, until you
consider similarities with CALEA and how certain three letter government
agencies acquire political influence at the expense of business and
consumers. The slow adoption of S/MIME is likely also fallout from
these same special interests.
Roger Marquis
_______________________________________________
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
