Failure of PKI in messaging

2007-02-12 Thread James A. Donald

 --
Obviously financial institutions should sign their
messages to their customers, to prevent phishing.  The
only such signatures I have ever seen use gpg and come
from niche players.

I have heard that the reason no one signs using PKI is
that lots of email clients throw up panic dialogs when
they get such a message, and at best they present an
opaque, incomprehensible, and useless interface.  Has
anyone done marketing studies to see why banks and
massively phished organizations do not sign their
messages to their customers?

 --digsig
  James A. Donald
  6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG
  BwrcLrYHszR0syC9LdVrjxAionyxVDwbtJq8Xu2q
  4ky71ODjPeHF5TC4pnkktFaLHEOfFN4fY8JEyqnfn

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]


Re: Failure of PKI in messaging

2007-02-12 Thread Matt Blaze

I'm all for email encryption and signatures, but I don't see
how this would help against today's phishing attacks very much,
at least not without a much better trust management interface on
email clients (of a kind much better than currently exists
in web browsers).

Otherwise the phishers could just sign their email messages with
valid, certified email keys (that don't belong to the bank)
the same way their decoy web traffic is sometimes signed with
valid, certified SSL keys (that don't belong to the bank).

And even if this problem were solved, most customers still
wouldn't know not to trust unsigned messages purporting
to be from their bank.

-matt

On Feb 12, 2007, at 16:43, James A. Donald wrote:


> --
> Obviously financial institutions should sign their
> messages to their customers, to prevent phishing.  The
> only such signatures I have ever seen use gpg and come
> from niche players.
>
> I have heard that the reason no one signs using PKI is
> that lots of email clients throw up panic dialogs when
> they get such a message, and at best they present an
> opaque, incomprehensible, and useless interface.  Has
> anyone done marketing studies to see why banks and
> massively phished organizations do not sign their
> messages to their customers?
>
>  --digsig
>   James A. Donald
>   6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG
>   BwrcLrYHszR0syC9LdVrjxAionyxVDwbtJq8Xu2q
>   4ky71ODjPeHF5TC4pnkktFaLHEOfFN4fY8JEyqnfn



Re: Failure of PKI in messaging

2007-02-12 Thread Steven M. Bellovin

On Mon, 12 Feb 2007 17:03:32 -0500
Matt Blaze [EMAIL PROTECTED] wrote:

> I'm all for email encryption and signatures, but I don't see
> how this would help against today's phishing attacks very much,
> at least not without a much better trust management interface on
> email clients (of a kind much better than currently exists
> in web browsers).
>
> Otherwise the phishers could just sign their email messages with
> valid, certified email keys (that don't belong to the bank)
> the same way their decoy web traffic is sometimes signed with
> valid, certified SSL keys (that don't belong to the bank).
>
> And even if this problem were solved, most customers still
> wouldn't know not to trust unsigned messages purporting
> to be from their bank.

Precisely.  The real problem is the human interface, where we're asking
people to suddenly notice the absence of something they're not used to
seeing in the first place.

Yes, there have been studies.  They've all been quite disappointing.
I'm working on some related material right now, with the financial
sector.  It's not an easy problem.



--Steve Bellovin, http://www.cs.columbia.edu/~smb
