> We'll likely never meet in person. You have a sensitive message to > send me about Postfix or OpenSSL or something like that. Now what? > > Or more likely you have nothing sensitive to send me at all, but > prefer not to have your communications routinely intercepted or stored > in the clear. Now what? > > The draft strives to make PGP scale, with an inevitable trade-off in > identity assurance. The security needs of covert-agents are not the > same as the security needs of most ordinary citizens. if i think of it as a form of opportunistic encryption with very weak authentication it seems useful. but when i want strong authentication i want strong introduction. randy