--
On 26 May 2005 at 11:24, Ed Gerck wrote:
> A better solution, along the same lines, would have
> been for Citibank to ask from their account holders
> when they login for Internet banking, whether they
> would like to set up a three- or four-character
> combination to be used in all emails from the bank to
> the account holder. This combination would not be
> static, because it could be changed by the user at
> will, and would not identify the user in any other
> way.
An even better solution would be if email clients silently did key continuity checking on a signature hidden in the email headers, if such a header is present, and then popped up an SSH-style dialog if an accustomed key is absent or changed.

With bank web sites, experience has shown that only 0.3% of users are deterred by an invalid certificate, probably because very few users have any idea what a certificate authority is, what it does, or why they should care. (And if you have seen the experts debating what a certificate authority is and what it certifies, chances are that those few who think they know are wrong.)

Do we have any comparable experience on SSH logins? Existing SSH uses tend to be geek oriented, and do not secure stuff that is under heavy attack. Does anyone have any examples of SSH securing something that was valuable to the user, under attack, and then the key changed without warning? How then did the users react?

--digsig
         James A. Donald
     6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG
     9xkPv5IiSbkDSyL+VmtW44PAr2ChEHEncpVVVLUp
     4PtEJ+TutEYw9poqnX74X8nSltnDV22OJDPqsG1cS

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
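The key continuity check the post proposes, sketched as an added example that is not part of the original message or of any mail client. It assumes a hypothetical `X-Sender-Key` header carrying the sender's public key, and it models only the known_hosts-style part of the idea: pin the key fingerprint the first time a sender is seen, report "ok" while it stays the same, and report "changed" (the case where an SSH client would warn) when it differs. Verifying the actual signature against that key is left to a crypto library and is not shown here; the messages below are constructed for the example.

```python
import email
import hashlib
import json
from email import policy
from email.utils import parseaddr
from pathlib import Path

# Hypothetical header name (an assumption for this example, not a standard).
KEY_HEADER = "X-Sender-Key"


def fingerprint(key_bytes: bytes) -> str:
    """SHA-256 fingerprint of the raw key material, as stored in the pin store."""
    return hashlib.sha256(key_bytes).hexdigest()


class KeyContinuityStore:
    """known_hosts-style store: sender address -> fingerprint first seen.

    If `path` is given, pins are persisted as JSON so the check survives restarts.
    """

    def __init__(self, path=None):
        self.path = Path(path) if path else None
        self.known = {}
        if self.path and self.path.exists():
            self.known = json.loads(self.path.read_text())

    def _save(self):
        if self.path:
            self.path.write_text(json.dumps(self.known, indent=2))

    def check(self, sender: str, key_bytes: bytes) -> str:
        fp = fingerprint(key_bytes)
        pinned = self.known.get(sender)
        if pinned is None:
            # First contact: pin silently, like an SSH client's first connection.
            self.known[sender] = fp
            self._save()
            return "first-seen"
        if pinned == fp:
            return "ok"
        # Pinned key differs: this is where the SSH-style warning dialog belongs.
        return "changed"


def check_message(raw: str, store: KeyContinuityStore) -> str:
    """Parse one RFC 822 message and run the continuity check on its key header."""
    msg = email.message_from_string(raw, policy=policy.default)
    key = msg.get(KEY_HEADER)
    if key is None:
        return "no-key"  # nothing to check; the post says to check only if present
    sender = parseaddr(msg.get("From", ""))[1].lower()
    if not sender:
        return "no-sender"
    return store.check(sender, key.strip().encode())


# Constructed sample messages (not real bank mail). The key values are placeholders.
FIRST_MSG = "\n".join([
    "From: Alerts <alerts@example-bank.invalid>",
    "Subject: Statement ready",
    "X-Sender-Key: EXAMPLE-PUBLIC-KEY-AAAA",
    "",
    "Your statement is available.",
])
CHANGED_MSG = FIRST_MSG.replace("EXAMPLE-PUBLIC-KEY-AAAA", "EXAMPLE-PUBLIC-KEY-BBBB")
NO_KEY_MSG = "\n".join([
    "From: Alerts <alerts@example-bank.invalid>",
    "Subject: Statement ready",
    "",
    "Your statement is available.",
])


if __name__ == "__main__":
    store = KeyContinuityStore()  # in-memory; pass a path to persist pins
    for label, raw in [("first", FIRST_MSG), ("same", FIRST_MSG),
                       ("changed", CHANGED_MSG), ("no key", NO_KEY_MSG)]:
        print(f"{label:8} -> {check_message(raw, store)}")
```

A client built on this would stay quiet on "first-seen" and "ok", and only on "changed" show the user something like SSH's "REMOTE HOST IDENTIFICATION HAS CHANGED" prompt; whether users heed that prompt any better than they heed an invalid-certificate warning is exactly the question the post raises.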