Ma, Mingchao (STFC,RAL,ESC) wrote:
> Hi All,
>
> It seems that some of you still have some concerns on sensitive information
> being distributed via unencrypted email, even it is not sent to any public
> mailing list.
Some time ago, I received the following e-mail:
https://cic.gridops.org/index.php?section=rc&page=broadcastretrieval&step=2&typeb=C&idbroadcast=39741
Which amounts to "please download and install this rpm from this url".
Whilst this one looked genuine (as did your request). How should I know
which requests are genuine, and which are not?
Specifically, in the case of this e-mail, it came via
engine29-1277-2.icritical.com
>
> If you want to send an encrypted email to me, you can simply use my grid
> certificate, which you can find in any of my digitally signed email
> including this email.
That's useful. It is a pity that the CA isn't one of those in my
browser/e-mail client by default - though I think that's another can of
worms.
Chris
|