lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
From: kudzu at tenebras.com (Michael Sierchio)
Subject: Signed e-mail vs. turning off HTML mail under
 XP

yossarian wrote:

> The problem is that by turning off HTML for e-mail as a security measure,
> you disable the correct use of digitally signed e-mail, which by design is a
> security measure.

Not the case, AFAIK -- S/MIME doesn't depend on how you view the
document.  At least w/Mozilla (currently in use here) S/MIME
signatures are verified even though the HTML is not rendered.


-- 

"Well," Brahma said, "even after ten thousand explanations, a fool is no
  wiser, but an intelligent man requires only two thousand five hundred."
                 - The Mahabharata

Powered by blists - more mailing lists