S/MIME works pretty well for the government. Well-known, limited set of roots, a huge IT staff, physical certificate devices, and Marines with guns for key distribution.
Not the same environment for the rest of us, however.
S2ERC: http://s2erc.georgetown.edu/
GCSC: http://gcsc.georgetown.edu/
Me: http://www.cs.georgetown.edu/~ eburger
-------- Original message --------
From: Phillip Hallam-Baker
Date:12/03/2013 10:15 PM (GMT-05:00)
To: Jim Gettys
Cc: Eric Burger
Subject: Re: [rtcweb] Alternative decision process in RTCWeb
On Tue, Dec 3, 2013 at 10:15 AM, Jim Gettys <jg@xxxxxxxxxxxxxxx> wrote:
On Tue, Dec 3, 2013 at 10:06 AM, Eric Burger <eburger@xxxxxxxxxxxxxxxxxx> wrote:
Agreed. The problem is not that people cannot choose between S/MIME or PGP. The problem is few people use anything.
Both fail the usability by mere mortals test, much less the usable by most geeks test... So the experiment is meaningless.
+1
Basically S/MIME was implemented to gain checklist compliance and little else. It didn't have to work well, it just had to satisfy the government procurement requirement. PGP meanwhile suffered from an excess of ideological commitment.
If we only had one standard it would have been harder for people to ignore the problems.
I find the defeatism quite depressing. If we know the reason the previous efforts have failed, all we need to do is to address them and try again.
Website: http://hallambaker.com/