-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Ian G wrote: | |>> The reason the email trick works - I |>> guess - is because that email path is |>> never used. |> |> |> |> uh, no. It's because whatever email the issuer sends to the |> intended recipient is intercepted by the attacker. The attacker |> can click on any links, and use any passwords found in the mail |> that was intended for the proper recipient, since the email |> messages were not secured in any way. |> | | No, ok, let me spell it out. The reason the | attack on the email goes by undetected is | because the admin name in the DNS record | is not used for any other purpose. So any | other emails that would otherwise be stymied | are not going to help trigger detection. | | Just so we're clear; what is being proposed | is several small barriers and nuisances that | make it tricky for a thief to easily make one | hack and get away with it. It's an economic | approach, it's how you deal with things when | they are low value, and you don't want to | spend any money. | | Which is fine, because we are dealing with | the standard of using email to authenticate | here, we are not trying to compete with | hard paper Id forms. |
Nelson's parent post which started this thread uses the words "insecure email" I took his use of the word 'insecure' as deliberate and interpreted it as saying that 'secure' mail would be just fine. We're dealing with certs, why not just encrypt? A legitimate owner would be in possession of the keys whereas MITM style attacks would not.
Wren
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.0 (Darwin)
iD8DBQFCE50+A/qR4Uok1vQRAqYeAKCW+9q9eep4aZk24/KswAMpWVXJXACgugTT 8ucFBf325Ye8zgy28UUs5zA= =KVdj -----END PGP SIGNATURE----- _______________________________________________ mozilla-crypto mailing list [email protected] http://mail.mozilla.org/listinfo/mozilla-crypto
