-----Original Message-----
From: Jim Gillogly <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED] <[EMAIL PROTECTED]>
Date: Saturday, December 05, 1998 8:43 AM
Subject: Re: Wassenaar vs. CipherSaber
[...]
>I would dearly love to see a bite-sized implementation that really solves
>the world-wide secure communications problem by offering transparent
>strong encryption. Perhaps the holy grail would be a page describing a
>Netscape plug-in that would magically make its mail transparently secure.
>
>Failing that, how about the long-awaited OpenPGP plug-in for Netscape mail?
Netscape mail, with its S/MIME capability, is already an excellent tool. It
only has two real disadvantages vs PGP:
1. Getting X.509 certificates from commercial CA's is expensive and
bothersome
2. Out of the US, it's only available in crippled strength.
However, the point 1. could be easily circumvented by a simple-to-use
"personal CA" signing certificate requests to provide self-signed certs,
which will be authenticated out-of-band (e.g., checking the fingerprint over
the phone): after all, that's how usually PGP is used - very few people,
AFAIK, use the web of trust. And the point 2. has already been solved by
Fortify and others by patching the code.
Am I missing something?
Enzo
