--
Obviously financial institutions should sign their
messages to their customers, to prevent phishing. The
only such signatures I have ever seen use gpg and come
from niche players.
I have heard that the reason no one signs using PKI is
that lots of email clients throw up panic dialogs
I'm all for email encryption and signatures, but I don't see
how this would help against today's phishing attacks very much,
at least not without a much better trust management interface on
email clients (of a kind much better than currently exists
in web browsers).
Otherwise the phishers could
On Mon, 12 Feb 2007 17:03:32 -0500
Matt Blaze [EMAIL PROTECTED] wrote:
I'm all for email encryption and signatures, but I don't see
how this would help against today's phishing attacks very much,
at least not without a much better trust management interface on
email clients (of a kind much