Keith Moore wrote:
I'm not convinced that that's the (only or even most important) reason, or that it's even true. From my perspective there have been several barriers to adopting S/MIME and/or PGPMIME, e.g. lack of MUA support, lack of email domain CAs and support for them among root CAs, lack of a well known and trusted set of root CAs such as exist for the web (it's not clear that they should should be the same set), lack of a standard key discovery mechanism, and (mostly I suspect) lack of mindshare.
As PKI is not cryptographically secure depending on wrong assumptions that untrustworthy TTPs of CAs could be trusted, you are wrong. Though CAs always claim that they are providing enough security, as they don't know required security, which is known by the first and the second but not the third parties, they can not be really secure enough, which was demonstrated by diginotar. Cryptographic security can be available only by sharing security key directly between the fist and the second party without involving untrustworthy TTPs. Masataka Ohta
