Russell Nelson wrote:
> also sprach Ed Gerck <[EMAIL PROTECTED]> [2004.05.28.1853 +0200]: > > It's "industry support". We know what it means: multiple, > > conflicting approaches, slow, fragmented adoption --> will not > > work.
In other words .... change. If you have any alternatives to change, please describe them. Ollivander's wand shop is not available in this universe.
The alternative to change (ie, replacement) is complement. I mentioned that.
> > It would be better if the solution does NOT need industry > > support at all, only user support. It should use what is already > > available.
This is the point in the script at which I laugh at you, Ed.
I laugh with you ;-)
S/MIME and PGP have been available for many many years now. How many messages to the Cryptography Mailing List are cryptographically signed? If it was going to happen, it would have *already* happened.
S/MIME and PGP did NOT earn user support. What's wrong with them, we all know and Martin exemplifies below:
martin f krafft writes: > - The technology is too complex to be grasped. users may be able > to select encryption in their GUI, but they fail to understand > the consequences. This is especially problematic on the receiver > side, because no standard user knows how to handle a BAD > SIGNATURE alert.
Yup. That's why I think that the MTA that checks the signature should surround the RFC2822 address comment with '?' if the signature is missing or bad. If the email lacks a valid signature, you really *don't* know who it's from, so the question marks are simply telling the truth.
That's cute but your suggestion may have missed the point. If the email lacks a valid signature, there may be many causes. Today, within CA cert rollover dates, your browser's root certs may just need an update. Absence of a valid signature simply means you have less evidence of whom it's from, not no evidence.
> - The infrastructure is not there. Two standards compete for email > cryptography, and both need an infrastructure to back them up.
Two standards? DomainKeys and what else?
No -- DomainKeys has nothingf to do with 'email cryptography'. They are S/MIME and PGP/MIME.
EG
--------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
