From:                   Ed Gerck <[EMAIL PROTECTED]>
> Depends on your use. An X.509 identity cert or a PGP 
> cert can be made as secure as you wish to pay for.

Many users are already using MUAs that check signatures.
Why are phishing targets not already using signed mail? 

I conjecture that this is because true names don't really address the 
issue of true relationships.  Does anyone have any market research 
information as to why phishing targets generally send out plain mail?

         James A. Donald

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Reply via email to