[Dshield] Using digital signatures to filter out phishing emails

Valdis.Kletnieks@vt.edu Valdis.Kletnieks at vt.edu
Sat Aug 13 02:38:18 GMT 2005

On Fri, 12 Aug 2005 12:36:01 PDT, Anthony Rodgers said:

> What am I missing?

We already do this for HTTPS traffic using SSL and certificates.

The problem is that Joe Sixpack will just look and see that the mail has the
little padlock, and click 'ok', without bothering to notice that the mail is
from security at ebey.com rather than where you'd hope. That's assuming that Joe
bothers looking for the padlock, or even knows what that padlock means.  Keep
in mind what you're trying to protect against:

Joe Sixpack will click on a phish e-mail from the First National Bank of
Dancing Hamsters.  You're expecting this *same* Joe Sixpack to make a rational
decision based on the digital signature status of the e-mail.

What's wrong with this picture?

(For the record, the best description of the dynamics of this situation was
written in 1951 by C.M. Kornbluth - 'The Marching Morons'.  No, I'm not
cynical or anything... ;)
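The point above, that a valid signature and padlock say nothing about *who* signed, can be made concrete. The following is an added example, not code from the post or from DShield; it uses Go's standard Ed25519 to stand in for whatever certificate-based signing scheme a mail client would use, and the message structure, the `security@ebey.com` lookalike address, and the "expected domain" policy are all constructed for illustration. It shows that the raw signature check passes for the lookalike sender and that only an explicit signer-domain alignment check, which the padlock alone does not perform, rejects it.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"fmt"
	"strings"
)

// SignedMail is a constructed, simplified stand-in for a signed message: the
// body, the identity the signing key is bound to (assumed to come from a
// certificate subject), and the signature. Illustrative only, not S/MIME.
type SignedMail struct {
	From      string            // what the user sees in the From: line
	SignerID  string            // identity bound to the signing key
	Body      []byte            // signed content
	Signature []byte            // Ed25519 signature over Body
	SignerPub ed25519.PublicKey // public key the mail client would pull from the cert
}

// signatureValid answers only "was this body signed by the holder of the key?".
// This is all a padlock icon reports; it says nothing about the signer's name.
func signatureValid(m SignedMail) bool {
	return ed25519.Verify(m.SignerPub, m.Body, m.Signature)
}

// domainOf extracts the domain part of an address such as "security@ebey.com".
func domainOf(addr string) string {
	i := strings.LastIndex(addr, "@")
	if i < 0 {
		return ""
	}
	return strings.ToLower(addr[i+1:])
}

// signerMatchesExpected is the check the padlock does not do: the signing
// identity's domain must equal the domain the recipient actually expects.
func signerMatchesExpected(m SignedMail, expectedDomain string) bool {
	return domainOf(m.SignerID) == strings.ToLower(expectedDomain)
}

// accept combines both checks: a valid signature AND an aligned signer.
func accept(m SignedMail, expectedDomain string) bool {
	return signatureValid(m) && signerMatchesExpected(m, expectedDomain)
}

// buildMail signs body with a freshly generated key bound to signerID
// (constructed sample data; a real attacker would obtain a cert for the
// lookalike domain, which is exactly the scenario the post describes).
func buildMail(from, signerID string, body []byte) (SignedMail, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return SignedMail{}, err
	}
	return SignedMail{
		From:      from,
		SignerID:  signerID,
		Body:      body,
		Signature: ed25519.Sign(priv, body),
		SignerPub: pub,
	}, nil
}

func main() {
	phish, err := buildMail("security@ebey.com", "security@ebey.com",
		[]byte("Please confirm your account details"))
	if err != nil {
		panic(err)
	}
	fmt.Println("signature valid:", signatureValid(phish))                          // true: padlock lights up
	fmt.Println("signer aligned with ebay.com:", signerMatchesExpected(phish, "ebay.com")) // false
	fmt.Println("accept:", accept(phish, "ebay.com"))                                // false
}
```

The useful design point is that `accept` is a policy decision a mail filter can make on the user's behalf: it compares the signer's domain against a domain the recipient has a known relationship with, rather than asking Joe Sixpack to read the certificate subject himself.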
