Sign in / up

back to article .Bank hires Symantec to check credentials

The launch of new .bank domain names is one step closer with the announcement [PDF] that Symantec has been chosen to act as the credentials verifier for the top-level domain. Dot-bank domains represent a new type of domain name - one restricted to a very specific group of people in order to enhance security. Banks and …

COMMENTS

Post your comment
House rules Send corrections
Add to 'My topics' unstar *
  1. Anonymous Coward
    Anonymous Coward

    Really?

    Soon you might be able to trust that financial email

    That surely depends whether you trust Symantec not to make a pigs breakfast of it in the first place?

    4 0 Reply
    1. Anonymous Coward
      Reply Icon
      Alert

      Re: Really?

      That was my first thought … if they check those details as well as they check their software … WE'RE DOOMED!

      1 0 Reply
    2. John Tserkezis
      Reply Icon

      Re: Really?

      There's a local drug dealer here that's trying to get into the finanical game - as a hobby you understand.

      I trust him more than Symantec.

      3 0 Reply
    3. Mark 85
      Reply Icon

      Re: Really?

      Not even that. Seems most spam/malevolent email use spoofed "sent from" anyway. The average user will be told that email from .bank is safe and be the perfect stooges for miscreants. After all what's not to believe?

      3 0 Reply
      1. jb99
        Reply Icon

        Re: Really?

        Totally true, and I consider that a huge flaw.

        However, if the bank domain is strictly controlled it should be much easier for an email agent or client to check that the mail is actually sent from an authorized sender for that domain. No idea if they've actually implemented anything to do this. If not then it's worthless, or worse than worthless because it introduces a false trust in emails from bank addresses

        0 0 Reply
      2. Anonymous Coward
        Reply Icon
        Anonymous Coward

        Re: Really?

        "Seems most spam/malevolent email use spoofed "sent from" anyway."

        And worse by far on most mobile clients, where you can't access the headers in any case.

        0 0 Reply
  2. Hans 1
    WTF?

    see icon

    >Soon you might be able to trust that financial email

    Never, ever trust an email from a financial institution.

    4 0 Reply
    1. JoshOvki
      Reply Icon

      FTFY

      Never, ever trust a financial institution

      6 0 Reply
  3. Anonymous Coward
    Anonymous Coward

    But what bugs me

    Is when banks send legitimate email with links in them.

    I've finally convinced my old man to not trust any links in email. He's now happy to go to the web address he knows or use his mobile app to go and look at stuff.

    And like others have said it's not like you can't spam a from address.

    0 0 Reply
    1. VinceH
      Reply Icon

      Re: But what bugs me

      "Is when banks send legitimate email with links in them."

      What bugs me more is when the very same banks say they don't send them... then start sending them.

      0 0 Reply
  4. Dan 55 Silver badge
    Facepalm

    Information for our valued customers!

    You can finally trust our e-mails... all you need to do is you install an e-mail client with GPG and set up a public key.

    It's easy. For more information on how to do this please visit our security centre at http://www.weblogin.tk@natwest.bank/ to download our easy setup installer. To be sure that this link is secure, you may copy it and paste it in your browser instead of clicking on it.

    5 0 Reply
  5. sequester

    "Community restricted" and consulted by an AV vendor?

    Hey, sounds suspiciously like .XXX.

    0 0 Reply
    1. Anonymous Coward
      Reply Icon
      Anonymous Coward

      Re: "Community restricted" and consulted by an AV vendor?

      Both involve someone getting screwed.

      1 0 Reply
  6. David Roberts
    WTF?

    Policed by ISPs?

    Now if ISP mail servers would only accept mail signed by the bank from an authorised mail server we might at least have some confidence that the originator was correct.

    Oh, hang on, that doesn't require a special ".bank" domain, just a certificate.

    So what exactly does this offer beyond a nice little earner for the owner of the TLD?

    Oh, yes, a whole new flood of SPAM with spoofed originator addresses.

    0 0 Reply
  7. Andrew Commons

    Here we go again

    In the days when SSL was young the Certificate Authorities charged more for 'high assurance' certificates that required a little bit of proof before they were issued. This was all about TRUST.

    Roll the clock forward a bit... the Certificate Authorities are now offering certificates with higher assurance that will show up with a green background to prove they can be trusted....trade in your old high assurance certificates for these new green ones.

    Fast forward to today...the Certificate Authorities are going to issue certificates to a special domain to prove that they are trusted...trade in your green certificates for these new ones that will really be trustworthy this time.

    And tomorrow?

    They just keep failing to deliver and then turn around and take more money so they can fail to deliver again.

    Nice business model.

    2 0 Reply
  8. Cliff

    Not actually a bad idea, but easily spoofed

    This could contribute to goodness *IF WELL IMPLEMENTED* and as a PART of an integrated approach.

    Ever hopeful, eh?

    0 0 Reply
  9. Keven E.

    unfreakingbelievable

    "....and a check that the registrant is not on any blacklists."

    It's like crime fighting on the late 60's TV Batman.

    0 0 Reply

POST COMMENT House rules

Not a member of The Register? Create a new account here.

Forgotten password ?

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon