How to make secure email easier to use

Conference on Human Factors in Computing Systems - Proceedings

Volumn , Issue , 2005, Pages 701-710

  Garfinkel, Simson L ^a   Margrave, David ^b   Schiller, Jeffrey I ^c   Nordlander, Erik ^a   Miller, Robert C ^a  

^a MASSACHUSETTS INSTITUTE OF TECHNOLOGY   (United States)

^b AMAZON   (United States)

^c MASSACHUSETTS INSTITUTE OF TECHNOLOGY   (United States)

Author keywords

E Commerce; User Interaction Design; User Studies

Indexed keywords

COMPUTER SOFTWARE; CRYPTOGRAPHY; DATA PRIVACY; ELECTRONIC COMMERCE; INTERNET; SECURITY OF DATA; USER INTERFACES;

INTERNET USERS; USER INTERACTION DESIGN; USER STUDIES; WEBMAIL;

ELECTRONIC MAIL;

EID: 84861290223     PISSN: 02749696     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1145/1054972.1055069     Document Type: Conference Paper

References (23)

1. D. Atkins, W. Stallings, and P. Zimmermann. RFC 1991: POP message exchange formats, August 1996. Status: INFORMATIONAL.
2. D. Balenson. RFC 1423: Privacy enhancement for Internet electronic mail: Part III: Algorithms, modes, and identifiers, February 1993. Obsoletes RFC1115. Status: PROPOSED STANDARD.
3. Ian Brown and C. Richard Snow. A proxy approach to e-mail security. Software Practice and Experience, 29:1049-1060, October 1999.
4. J. Callas, L. Donnerhacke, H. Finney, and R. Thayer. RFC 2440: OpenPGP message format, November 1998. Status: PROPOSED STANDARD.
5. Mark Delany. Domain-based email authentication using public-keys advertised in the dns (domainkeys), August 2004. INTERNET DRAFT.
6. S. Dusse, P. Hoffman, B. Ramsdell, L. Lundblade, and L. Repka. RFC 2311: S/MIME version 2 message specification, March 1998. Status: INFORMATIONAL.
7. M. Elkins. RFC 2015: MIME security with pretty good privacy (PGP), October 1996. Status: PROPOSED STANDARD.
8. Federal Trade Comission. Identity thief goes "phishing" for consumers' credit information, July 2003. http://www.ftc.gov/opa/2003/07/phishing.htm.
9. Simson Garfinkel. PGP: Pretty Good Privacy. O'Reilly & Associates, 1994.
10. Simson L. Garfinkel. Enabling email confidentiality through the use of opportunistic encryption. In National Conference on Digital Government Research, 2003.
11. Simson L. Garfinkel, Jeffrey I. Schiller, Erik Nordlander, David Margrave, and Robert C. Miller. Views, reactions, and impact of digitally-signed mail in e-commerce. 2005.
12. Peter Gutmann. Why isn't the internet secure yet, dammit. In AusCERT Asia Pacific Information Technology Security Conference 2004; Computer Security: Are we there yet?, May 2004. http://conference.auscert.org.au/conf2004/.
13. GVU. GVU's tenth WWW user survey results, 1999. http://www.cc.gatech.edu/gvu/user_surveys/survey-1998-10/.
14. S. Kent. RFC 1422: Privacy enhancement for Internet electronic mail: Part II: Certificate-based key management, February 1993. Obsoletes RFC1114. Status: PROPOSED STANDARD.
15. J. Linn. RFC 989: Privacy enhancement for Internet electronic mail: Part I: Message encipherment and authentication procedures, February 1987. Obsoleted by RFC1040, RFC1113. Status: UNKNOWN.
16. J. Linn. RFC 1421: Privacy enhancement for Internet electronic mail: Part I: Message encryption and authentication procedures, February 1993. Obsoletes RFC1113. Status: PROPOSED STANDARD.
17. Mindy Pereira. Trusted S/MIME Gateways. Dartmouth College, May 2003. Senior Honors Thesis: Winter/Spring 2003, Department of Computer Science, Dartmouth College.
18. B. Ramsdell. RFC 3851: Secure/multipurpose internet mail extensions (s/mime) version 3.1 message specification, July 2004.
19. Jon Udell. How ray ozzie got his groove back. openp2p.com, October 24 2000.
20. VeriSign. Digital ids for secure email, 2004. http://www.verisign.com/products-services/security-services/pki/pki-application/ email-digital-id/page_dev004002.html.
21. Alma Whitten. Making Security Usable. PhD thesis, School of Computer Science, Carnegie Mellon University, 2004.
22. Alma Whitten and J. D. Tygar. Why Johnny can't encrypt: A usability evaluation of POP 5.0. In 8th USENIX Security Symposium, pages 169-184, 1999.
23. T. Ylonen. SSH - secure login connections over the internet. Proceedings of the 6th Security Symposium) (USENIX Association: Berkeley, CA):37, 1996.