Exposing email addresses on key servers

Brad Rogers brad at fineby.me.uk
Mon Jun 29 09:19:53 CEST 2009

On Sun, 28 Jun 2009 18:11:10 -0400
"Robert J. Hansen" <rjh at sixdemonbag.org> wrote:

Hello Robert,

> Because the bank is concerned about the bank's security, not yours.
> The bank exposes itself to no additional risk by sending out HTML

I beg to differ.  By sending HTML emails, it means they're likely to end
up *receiving* HTML mail because many people's mailer replies "in kind"
by default, and the users don't alter the default settings.

> Since the risk is borne by you, and the reward -- in the form of a more
> professional-looking communication -- is gained by the bank, it's in

It doesn't look professional if they are talking about security.

> the bank's best interests to send HTML email.

Not when, like Werner and me, it gets consigned straight to the bin.

To be fair to one of the organisations I deal with, a credit card
company, they *do* only send plain text emails.  They also rang me to
query some odd transactions on the card.  It turns out they were not
made by me, and the card was immediately cancelled.

However, non of that has to do with GPG, so.......

 Regards  _
         / )           "The blindingly obvious is
        / _)rad        never immediately apparent"

Every single one of us
Devil Inside - INXS
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 489 bytes
Desc: not available
URL: </pipermail/attachments/20090629/dfc90791/attachment.pgp>

More information about the Gnupg-users mailing list