> also sprach Ed Gerck <[EMAIL PROTECTED]> [2004.05.28.1853 +0200]: > > It's "industry support". We know what it means: multiple, > > conflicting approaches, slow, fragmented adoption --> will not > > work.
In other words .... change. If you have any alternatives to change, please describe them. Ollivander's wand shop is not available in this universe. > > It would be better if the solution does NOT need industry > > support at all, only user support. It should use what is already > > available. This is the point in the script at which I laugh at you, Ed. S/MIME and PGP have been available for many many years now. How many messages to the Cryptography Mailing List are cryptographically signed? If it was going to happen, it would have *already* happened. martin f krafft writes: > - The technology is too complex to be grasped. users may be able > to select encryption in their GUI, but they fail to understand > the consequences. This is especially problematic on the receiver > side, because no standard user knows how to handle a BAD > SIGNATURE alert. Yup. That's why I think that the MTA that checks the signature should surround the RFC2822 address comment with '?' if the signature is missing or bad. If the email lacks a valid signature, you really *don't* know who it's from, so the question marks are simply telling the truth. > - The infrastructure is not there. Two standards compete for email > cryptography, and both need an infrastructure to back them up. Two standards? DomainKeys and what else? -- --My blog is at angry-economist.russnelson.com | Crynwr sells support for free software | PGPok | Bugs of a feather 521 Pleasant Valley Rd. | +1 315 268 1925 voice | flock together. Potsdam, NY 13676-3213 | FWD# 404529 via VOIP | --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]