On Thu, 04 May 2000 15:25:37 EDT, Keith Moore said:
> Perhaps unfortunately, RFC 2046 doesn't come right out and say
> "DON'T EXECUTE CONTENT IN EMAIL MESSAGES".
>
> Then again, it doesn't say DON'T CUT YOUR CUSTOMER'S ARM OFF either.
>
> not that it would matter if it did...
There's simple ina
On Thu, 04 May 2000 17:24:35 MDT, Vernon Schryver <[EMAIL PROTECTED]> said:
> It wouldn't help much, unless you are of the religion that believes
> authentication implies authorization. Or don't you think that
Unfortunately, some people are as neuron-paralized by this religion
as by many others
In message <[EMAIL PROTECTED]>, Keith Moore writes:
>
>note that it takes a nontrivial user interface to communicate this to
>a recipient of email: e.g.
>
> NOTE: this message was signed by someone purporting to be
> Keith Moore <[EMAIL PROTECTED]>. The signature is validated
> by a certifi
> ] ...
> ]You could have senders sign any executables. That might help a
> ] little, as long as the sender's machine hasn't been compromised.
> ]
> ] this would also help, but we'd need a better way to verify the sender's
> ] signature than we have now.
>
> It wouldn't help much, un
On Thu, May 04, 2000 at 05:24:35PM -0600, Vernon Schryver wrote:
> ] From: Keith Moore <[EMAIL PROTECTED]>
>
> ] ...
> ]You could have senders sign any executables. That might help a little,
> ] > as long as the sender's machine hasn't been compromised.
> ]
> ] this would also help, but
] From: Keith Moore <[EMAIL PROTECTED]>
] ...
]You could have senders sign any executables. That might help a little,
] > as long as the sender's machine hasn't been compromised.
]
] this would also help, but we'd need a better way to verify the sender's
] signature than we have now.
Keith Moore wrote:
> Perhaps unfortunately, RFC 2046 doesn't come right out and say
> "DON'T EXECUTE CONTENT IN EMAIL MESSAGES".
>
> Then again, it doesn't say DON'T CUT YOUR CUSTOMER'S ARM OFF either.
Don't be silly; a vendor would never cut a customer's arm off. How would
they pull out their
> Rather than making fun of or scream "stupid", why don't we keep
> developing and arguing for standard based 'solutions':
You mean like RFC 2046?
The recommended action for an implementation that receives an
"application/octet-stream" entity is to simply offer to put the data
in a fil
At 18:02 2000-05-04 Lillian Komlossy wrote:
>The whole world will not switch over to Unix
>- the average user will always be more confortable with Windows
The whole world might not be comfortable with Windows but many,
many of my collegues around the world work at companies where
they have abso