I see that you are not interested in discussing the relative merits of STARTTLS vs. DomainKeys, but instead are just trying to push STARTTLS. I hope that Perry will see through your sales job, and will return your email to you, just as he will return this one to me. -russ
[Moderator's note: No such luck for you I'm afraid. However, I'd prefer if both of you tried to stay away from being personal. --Perry] Peter Gutmann writes: > Russell Nelson <[EMAIL PROTECTED]> writes: > >Peter Gutmann writes: > >> STARTTLS > > > >If Alice and Cathy both implement STARTTLS, and Beatty does not, and Beatty > >handles email which is ultimately sent to Cathy, then STARTTLS accomplishes > >nothing. If Uma and Wendy implement DomainKeys, and Violet does not, and > >Violet handles email which is ultimately sent to Wendy, then Wendy can check > >Uma's signature. > > Since none of Uma, Wendy, or Violet implement DomainKeys or even know what > they are, DomainKeys accomplishes nothing. OTOH if their { ISP, company, > whatever } has STARTTLS enabled, they're getting their email encrypted without > even knowing about it and are having better-than-average security applied to > their POP/IMAP mail account, again without even knowing about it (I suspect > the latter is far more of a selling point to users than encryption. No-one > would want to read their mail anyway so they're not worried about that, but if > it stops those nasty hackers from breaking into their account, it's a good > thing). > > >If, instead, Perry had a list of PGP keys and email addresses, he wouldn't > >*need* to compare the email address on the incoming email. > > He'd instead need to spend even more time mucking around with keyrings and > updating keys and writing scripts to handle all the checking and wondering why > it all has to be so complicated, and maybe he should just ask people to fax in > submissions. > > Peter. --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]