From:  Ralf Senderek <[EMAIL PROTECTED]>
> I think what's missing is the understanding that there 
> cannot be secure email without the persons involved 
> acting responsible and knowing their role in the 
> process. Your mother will probably expect the computer 
> to do the job for her (mine will never expect anything 
> from computers) rejecting any responsibility for her 
> email's security. In my opinion establishing secure 
> email this way is impossible despite the fact that 
> encryption is (relatively) easy if our algorithms work 
> as expected

This sounds like "it is not my fault.  It is those 
stupid user's fault"

No, it is not those stupid user's fault.  It is our
fault.  For example phishing ought not to be possible -
would not be possible if we used zero knowledge
technologies to protect passwords.

Whenever a user communicates anything to anyone, they 
use a password, or some form of shared secret - their 
credit card number - the password whereby they login to 
their mail server. Therefore, whenever a user 
communicates anything to anyone, it should be secure, 
but it is not. 

         James A. Donald

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Reply via email to