Reply to post: Re: Email is absolutely broken...

Email security crisis... What email security crisis?

doublelayer Silver badge

Re: Email is absolutely broken...

So I should have a whitelist of people who can send me mail, having to negotiate their certificates approved by [not mentioned] so I can trust it? How do I deal with the "We would like to schedule your job interview for the important job you applied for." email that I'd like to read, but it's coming from an employee of that company whose identity I didn't know and therefore whose certificate I don't have, let alone approved.

That also makes the process of using email for casual communication, at which it works well, much more irritating:

Before:

"We should really discuss this later. Would you be interested in meeting next week?"

"Sorry, I'm busy then, but I'd love that. How about we email to find a time?"

"Perfect. My address is person@website.domain. I can write that down if you'd like."

After:

"We should really discuss this later. Would you be interested in meeting next week?"

"Sorry, I'm busy then, but I'd love that. How about we email to find a time?"

"Perfect. My address is person@website.domain. I'll need yours, as well, to approve it."

"Mine is another.person@adifferent.domain. Just let me get my phone out so I can send you my public key."

"Sorry. My phone died earlier. I suppose I can try to find someone with a USBC cable I can borrow so I can record that and send you mine."

"Otherwise, I suppose I could write down the hex value of my key and you could approve it. I hope that I'll remember to contact you, because without your key, I can't approve seeing your mails."

"That will work great! It's wonderful how we solved that insecure email problem, isn't it?"

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019