GPG PGP S/Mime vulnerability
Anthony E. Greene
agreene@pobox.com
Wed Aug 8 04:07:02 2001
On Tue, 7 Aug 2001, Guy Van Sanden wrote:
>Under ideal surcomstances, yes it should.
>But I've already placed orders (without signatures) in the past
>via free-form e-mails. In my case, I ordered a computer.
>
>I think that, if they make signed messages legally binding,
>someone could take this signed message and resend it to another
>store... I could secure myself against this by including things
>like the company name in the message, but as I forgot to do so
>in the past, a lot of users will to...
This is a function of poor ordering system design, not digital signatures.
If the customer and the business chose to accept free-form email they have
chosen to accept the risk of error.
Tony
--
Anthony E. Greene <agreene@pobox.com> <http://www.pobox.com/~agreene/>
PGP Key: 0x6C94239D/7B3D BD7D 7D91 1B44 BA26 C484 A42A 60DD 6C94 239D
Chat: AOL/Yahoo: TonyG05
Linux. The choice of a GNU Generation. <http://www.linux.org/>