At 5:59 PM -0500 2/24/06, John Kelsey wrote:
What we ultimately need is encryption and
authentication that are:
a. Automatic and transparent.
b. Add some value or are bundled with something that does.
c. Don't try to tie into the whole horrible set of PKI standards in
terms of uniquely identifying each human and bit in the universe, and
getting them to sign legally binding messages whose full
interpretation requires reading and understanding a 30-page CPS.
We have the preamble and (a) already; the problem is that the
preamble is insufficient. What we ultimately need is encryption and
authentication *and validation of the authentication* that match at
least (a).
Currently, it is the validation of the authentication that makes most
users uninterested. When you get a message from Bob that comes with a
warning that says "I cannot tell whether or not Bob really sent
this", but you are sure that Bob actually sent that (due to some
out-of-band knowledge), you lose faith in the system. When Bob has
the same problem with your messages, you give up.
For signed personal mail, (b) and (c) may be mutually exclusive. Why
sign your messages if you don't want to be held liable for their
contents? How can you get the reward of integrity without the cost of
responsibility?
Given those two hurdles, my hopes for authenticated mail near zero. I
have some hopes for authenticated syndicated messages through Atom or
RSS, but not this year. The hardest part there will be (c), but there
are many environments where signing one-way mail is quite
appropriate, particularly in replacing paper messages.
The demand for encryption of personal email is perpetually low.
Without a legal requirement, it will probably always be a small niche
market.
--Paul Hoffman, Director
--VPN Consortium
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
