Re: it's not the crypto

In message , "Arnold G. Reinhold" writes: >> > >While I certainly agree with your general point, I don't think this >case is good exemplar. > >"The exploit requires the person reading a wiretapped email >message to be using an HTML-enabled email reader that

Re: it's not the crypto

Well, there's quite a distance between executing something that is signed by a public entity during a transaction that I initiate, and having code silently execute because something was pushed to me unsolicited. btw, the suggested workaround in the privacy advisory does not appear to work - at le

Re: it's not the crypto

> The notion that e-mail should be permitted to contain arbitrary > programs that are executed automatically by default on being opened > is so over the top from a security stand point that it is hard to > find language strong enough to condemn it. It goes far beyond the > ordinary ris

Re: it's not the crypto

At 8:58 AM -0500 2/5/2001, Steve Bellovin wrote: >Every now and then, something pops up that reinforces the point that >crypto can't solve all of our security and privacy problems. Today's >installment can be found at >http://www.privacyfoundation.org/advisories/advemailwiretap.html > >For almost