I agree with the criticism expressed here. There needs to be code (at the very least) that people can get their hands on and try out, before using the word "deprecated".
Thanks for pointing that out Phillip! I'm working getting said code up on Github ASAP. The holidays and other things slowed me down a bit. It will be put up under this github group soon (this month, I expect/hope): https://github.com/okTurtles -- Please do not email me anything that you are not comfortable also sharing with the NSA. On Jan 3, 2014, at 10:57 AM, Phillip Hallam-Baker <hal...@gmail.com> wrote: > Part of my trouble with this thread is that the original proposal was > presented in the way it was. > > It might well be that there is a better way to do PKI than the approach > Kohnfelder described in his master's thesis. But I don't think that the > person who comes up with it will be describing the existing system as > 'deprecated' before a single line of code is deployed. > > > I am currently working on podcasts to describe my new approach to a general > audience because getting any PKI deployed depends on buy in from people that > are far outside this group and the IETF and even the techie community. > > We are not going to get change until we have real people appearing in Apple > Stores and Microsoft stores asking how they can get usable secure email to > protect them from [The russian mafia/ GRU/ Iran/ China/ NSA]. If Google had > physical stores in malls, I would include them in that list. > > > But we are not going to get people hassling for deployment until there is a > scheme that is really right and not just 'good enough' for a group of highly > motivated ideologues like ourselves. > > Part of the problem with PGP and S/MIME is that people just want it to work > so much that they blind themselves to the obvious defects let alone the less > obvious ones. The result looks like a Palm Treo, not an iPhone. You could use > the Palm to surf the Web and send email and it kinda worked without crashing > more than six times a day. But people at Palm never did understand why that > was so much of a problem and they never made much of an effort to make the > phone really right because web on your phone is so cool it doesn't really > need to be perfect... right? > > When someone is so infatuated by their own idea that they describe it as > 'deprecating' the existing system before they have even tried it in the real > world then I don't think it is going to get very far. > > > Anyway, I am thinking we should have international cryptography day sometime > in early summer. Give some time to get code wrote. > _______________________________________________ > therightkey mailing list > therightkey@ietf.org > https://www.ietf.org/mailman/listinfo/therightkey
signature.asc
Description: Message signed with OpenPGP using GPGMail
_______________________________________________ therightkey mailing list therightkey@ietf.org https://www.ietf.org/mailman/listinfo/therightkey
