Robert J. Hansen rjh at sixdemonbag.org
Mon Jun 29 00:11:10 CEST 2009

Brad Rogers wrote:
> It always puzzles me why banking organisations send HTML email pointing
> out that "we all need to be security conscious" since HTML is so easily
> exploited for nefarious ends.

Because the bank is concerned about the bank's security, not yours.  The
bank exposes itself to no additional risk by sending out HTML email.
You expose yourself to some risk (how much depends on your MUA) by
reading HTML email.

Since the risk is borne by you, and the reward -- in the form of a more
professional-looking communication -- is gained by the bank, it's in the
bank's best interests to send HTML email.

