The Internet and email is old at this point.

It can be reasonably argued that email links are a significant threat vector right now.

So far, we just keep trying to sandbox links or scan attachments, but it’s still not stopping the threat.

My questions for comment:

  • Would removing anonymity from email reduce or remove this threat? If business blocked all uncertified email senders, would this threat be gone?
  • Why can’t we do PKI well after a few decades?
  • Does anyone believe PKI could apply to individuals? In the context of identity for email, accounts, etc?

I see services like id.me and others and wonder why we can’t get digital identity right and if we could, would it eliminate some of the major threats?

Image credit: https://www.office1.com/blog/topic/email

Edit, post not related to the site or any service, just image credit.

  • HubertManne@kbin.social
    link
    fedilink
    arrow-up
    4
    ·
    11 months ago

    I want a government email. I think the usps should run one that allows for official government communiction in an isolated inbox and then another isolated inbox for communication that would require a penny and an individual and a last inbox that allows for companies and such to send to you for a fee and it would be encrypted. I wold keep it separate from normal email but at least you could be sure of who the sender is and it would make government communications easier.

    • MSgtRedFox@infosec.pubOP
      link
      fedilink
      English
      arrow-up
      2
      ·
      11 months ago

      Interesting. I do wish our government identity extended to online. Instead of signing into a bunch of websites with a Google account, I think a us government or state account would be nice. One account, PKI in your driver’s license or some other passkey like device.

      I guess the trade would be protection of that digital ID and the system running it. We already have identity theft. I hope it would be harder if you have to digitally sign a bunch of stuff with you driver’s license. Most people probably don’t have experience with common access cards or tokens though.

      • HubertManne@kbin.social
        link
        fedilink
        arrow-up
        2
        ·
        11 months ago

        yes and you should never have to worry about losing it do to it being like canceled and you should be able to clear up any support issues at the post office.