Re: the introduction problem, was Email and reputation (was Re: Service outages planned for April 25)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Keith Moore wrote:

I'm not convinced that that's the (only or even most important) reason, or that it's even true.   From my perspective there have been several barriers to adopting S/MIME and/or PGPMIME, e.g. lack of MUA support, lack of email domain CAs and support for them among root CAs, lack of a well known and trusted set of root CAs such as exist for the web (it's not clear that they should should be the same set), lack of a standard key discovery mechanism, and (mostly I suspect) lack of mindshare.

As PKI is not cryptographically secure depending on wrong assumptions
that untrustworthy TTPs of CAs could be trusted, you are wrong.

Though CAs always claim that they are providing enough security,
as they don't know required security, which is known by the
first and the second but not the third parties, they can not
be really secure enough, which was demonstrated by diginotar.

Cryptographic security can be available only by sharing security
key directly between the fist and the second party without
involving untrustworthy TTPs.

						Masataka Ohta




[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Mhonarc]     [Fedora Users]

  Powered by Linux