Frank Hecker wrote:
Actually, my domain is "hecker.org", not "hecker.com"; I missed registering hecker.com when I had the chance. If you receive email from [EMAIL PROTECTED] then it is not me :-)

And I might add that if you actually got a message from "[EMAIL PROTECTED]" and replied to it, I suspect that you would be able to relatively quickly determine that it was not me on the other end.


Where acceptance of self-signed certs is much less justifiable IMO is with regard to email from banks, e-commerce sites, etc., both because such correspondence is impersonal and formulaic (and hence easily faked) and because it's mainly a one-way conversation (e.g., bank to you) with no ongoing discussion from which the user can build up knowledge of the person they're corresponding with.

There's one more difference I forgot to add: in personal email there is typically minimal "value" associated with any single message; the value (such as it is) is rather associated more with the overall conversation occurring over multiple emails. On the other hand, in business correspondence a single message can represent significant value, both to the entities involved in the correspondence and to potential attackers.


One enduring problem I think is that traditional PKI was/is driven so much by the "one valuable message" model, where the goal was perceived as both protecting that one message (an invoice, a purchase order, a confidential business document, whatever) and embedding handling of that one message within a legal framework associated with formal business and governmental matters.

This is almost totally at odds with the nature and requirements of personal email, and thus I understand the concerns expressed by Ian and others regarding the appropriateness of current S/MIME practice for personal email. For example, as I understand Ian he believes that encryption is much more important than signing for personal email. I understand this point of view: people want encryption of email messages for the same reason they send personal letters in envelopes, namely to discourage casual eavesdropping, while signing is much less important, both because people have other less formal ways to "authenticate" their correspondents and because they perceive the threat of a MITM attack as of minimal relevance.

Frank

--
Frank Hecker
[EMAIL PROTECTED]
_______________________________________________
mozilla-crypto mailing list
[email protected]
http://mail.mozilla.org/listinfo/mozilla-crypto
