secure email hashing
Received an email this morning about a package containing a large amount of cash being held by DHL (yippee!). As befits important email of a security sensitive nature, they tried to sign the message, or at least I think that’s what they were trying to do.
To: email@example.com, firstname.lastname@example.org
While it’s comforting to see that they chose the more secure encrypt-then-mac construction, RIPEMD-160 is hardly cutting edge. As such, I’m not sure I can trust this message.