Jargons of Info Tech industry
Steven D'Aprano
steve at REMOVETHIScyber.com.au
Sun Oct 9 11:18:37 EDT 2005
On Sun, 09 Oct 2005 13:36:26 +0000, Tim Tyler wrote:
> Since - in Roedy's essay - messages are digitally signed, authority
> to advise about any email address updates would presumably be confined
> to those people with access to the sender's private key.
If I have the sender's private key, then I can pretend to be him. That
would mean that when you received an email from the sender, you couldn't
be sure if it actually came from him or not, thus defeating the purpose of
having a private key.
> Even /without/ any form of authentication, a standard change-of-address
> message - which is understood by mail readers - is a fine and sensible
> idea.
So any random person -- or bot -- could send an email to my business
associates, telling them that my email address had changed to
industrial_espionage at spyware.com, please send all your confidential
information directly there thank you very much.
Yeah. Fine *and* sensible.
--
Steven.
More information about the Python-list
mailing list