Re: [ietf-dkim] the non-problem of contributor signatures, was DKIM Scouts

2011-05-31 Thread John R. Levine
I didn't posit this as a problem. Others did. I jumped in at the point that you said s/mime was already a solution, with a message that proved otherwise. It would be better to say that if there were a problem, and people wanted to solve it, the pieces are all there with S/MIME. MUAs all know

Re: [ietf-dkim] DKIM Scouts, was 8bit downgrades

2011-05-31 Thread Ian Eiloart
On 26 May 2011, at 14:40, John R. Levine wrote:
>>> So this tells me that existing mail software doesn't try very hard to
>>> recover signatures from modified messages, even for simple changes that
>>> don't need any guessing or heuristics to undo.
>>
>> My client found the signature, otherwis

Re: [ietf-dkim] New canonicalizations

2011-05-31 Thread Dave Crocker
Steve Atkins wrote:
>
>On May 30, 2011, at 3:23 PM, Murray S. Kucherawy wrote:
>> or at least the chain-of-trust capability, but no proof that the
>increased risk is worth the increased gain.
>>
>Chain of trust is a somewhat different thing, and could likely be
>implemented with little, if any,

Re: [ietf-dkim] New canonicalizations

2011-05-31 Thread John R. Levine
> Chain of trust is always an appealing model. Unfortunately, it hasn't
> been used successfully over the open Internet.

I agree with your doubts about the utility of chain of trust, but I would have to say that SSL signed web sites are used successfully over the open Internet.

Regards, John

Re: [ietf-dkim] MLMs and signatures again

2011-05-31 Thread Ian Eiloart
On 26 May 2011, at 23:19, Steve Atkins wrote:
> That's relying on an awful lot of vaporware in the MUA, orthogonal to any
> sort of authentication. I don't think any MUAs really track sender reputation
> in any way[1].

Certainly Outlook with Exchange does. If you mark a message as spam, then

Re: [ietf-dkim] New canonicalizations

2011-05-31 Thread Alessandro Vesely
On 31/May/11 00:23, Murray S. Kucherawy wrote:
>> -Original Message-
>> From: On Behalf Of Steve Atkins
>>
>> The most obvious thing that MLMs do that invalidate signatures are 1.
>> append content to the body and 2. prepend content to the subject line.
>> Any approach that allows me to r