----- Original Message -----
From: "Peter Gutmann" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Thursday, November 30, 2000 1:30 PM
Subject: Re: Is PGP broken?
> "Enzo Michelangeli" <[EMAIL PROTECTED]> (or someone, the quoting makes it
> difficult to tell)
Yes, that was me.
> writes:
>
> >If it may be of any comfort (or perhaps enhanced desperation), the S/MIME
> >community has similar headaches: in these days, the [EMAIL PROTECTED] list is
> >debating whether, in S/MIME v.3, RSA should be made a MUST algorithm together
> >with, or in alternative to, DSS and D-H. At this moment (RFC2630) neither RSA
> >nor RC2 are MUST, so interoperability is not guaranteed with v.2 agents...
>
> S/MIME interoperability is guaranteed because everyone ignores the
> RFC and does RSA and RC2 (for backwards-compatibility only) and 3DES
> first and everything else only if they have the time and/or budget.
For "S/MIME" I mean the two standards (v.2 and v.3), not its various
implementations (still largely based on v.2).
The truth is: with any standard, the fact that a version[N+1] lacks some of
the MUST's of the version[N] represents a bad omen for a successful
deployment. Now that the patent on RSA has expired, and that the export
control laws in the US have finally been relaxed, this issue should be
addressed. For PGP that will be more difficult due to the continuing
encumbered status of IDEA, but for S/MIME it could be fixed now.
Apart from standards issues, one thing I'd like to see added to popular
S/MIME agents is a mini-CA to issue self-signed certificates. This would
allow people to use S/MIME as they use PGP (who relies on the WoT anyway?),
breaking the dependency on hierarchical CA's. Creating such an agent would
now be a viable OpenSource project, without any need for expensive toolkit
licenses.
Enzo