E-Mail Encryption: Why Isn't Everyone Doing It?

Mark H. Wood mwood@IUPUI.Edu
Mon Oct 28 16:20:01 2002


On 23 Oct 2002, Peter Schuller wrote:
[snip]
> E-Mail is also like postal mail. You have no way of knowing who sent it
> - unless you trust a return address which can be faked as easily as it
> can be real.

A while back, when someone was sending anthrax spores through the mail
over here, I actually spent some time thinking about whether cryptographic
signatures could be adapted to verification of the return address on
physical mail.  I gave up when I realized that, not being trained in
cryptography, I didn't trust my own answers.

[snip]
> I believe users (and others...) must be taught to respect security and
> understand the basic principles of trust that are a fact of life - with
> or without computers.

I'm going to teach my children such things, so maybe that's a start. :-/

-- 
Mark H. Wood, Lead System Programmer   mwood@IUPUI.Edu
MS Windows *is* user-friendly, but only for certain values of "user".