Women in Technology

Hear us Roar



Article:
  How to Set Up Encrypted Mail on Mac OS X
Subject:   Potential unsecure issue
Date:   2005-09-12 11:15:14
From:   scott.gardner
I did a quick test to ensure the security of my email communication, as follows:


1. I sent an email from my digital-certificate signed email account (...@mac.com) to an alternate non-signed email account (...@yahoo.com), with the message body "asdf."
2. In my yahoo account, I redirected this email to a 3rd alternate non-signed email account (...@gmail.com), adding this text to the message body: jkl;
3. In my gmail account I received the redirected email with the altered message body, yet still showing signed by ...@mac.com


It appears to me that this digital signature is not accurate, because the message was altered by the recipient and then re-directed to another email.


I've emailed Thawte a couple times and they haven't responded.