At 02:59 PM 2/24/2006 +0000, Ben Laurie wrote:
Ed Gerck wrote:
We have keyservers for this (my chosen technology was PGP). If you liken
their use to looking up an address in an address book, this isn't hard
for users to grasp.

I used PGP (Enterprise edition?) to encrypt my work emails to a distributed set of
members last year.  We all had each other's public keys (about a dozen or so).

What I really hated about it was that when [EMAIL PROTECTED] sent me an email,
often I couldn't decrypt it. Why? Because his firm's email server decided to put
in the FROM field "[EMAIL PROTECTED]".  Since it didn't match the email
name in his X.509 certificate's DN, it wouldn't decrypt the S/MIME attachment.
This also caused problems with replying to his email.  It took us hours, with
several experimental emails sent back and forth, to figure out the root of the problem.

No wonder PKI has died commercially and encrypted email is on the endangered
species list.

- Alex
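
The mismatch described in the message above can be diagnosed by comparing the From header with the addresses in the sender's certificate. This is an added example, not part of the original message; the function names, the sample messages and the example.com addresses are constructed, and the certificate addresses are assumed to have been extracted already.

```python
from email import message_from_string
from email.utils import getaddresses

def _norm(addr):
    # Simplification (assumption): compare the whole address case-insensitively.
    return addr.strip().lower()

def _diagnose(addr, allowed):
    """Say which half of the address differs from a certificate address."""
    local, _, domain = addr.rpartition("@")
    for cert in sorted(allowed):
        c_local, _, c_domain = cert.rpartition("@")
        if domain == c_domain:
            return f"local part differs from {cert} (same domain)"
        if local == c_local:
            return f"domain differs from {cert} (same local part)"
    return "no certificate address shares a local part or domain"

def check_from_against_cert(raw_message, cert_addresses):
    """Return (ok, reason) for one RFC 5322 message.

    cert_addresses: e-mail addresses taken from the sender's certificate
    (DN emailAddress and/or subjectAltName), extracted elsewhere.
    """
    msg = message_from_string(raw_message)
    from_addrs = [_norm(a) for _, a in getaddresses(msg.get_all("From", [])) if a]
    allowed = {_norm(a) for a in cert_addresses}
    if not from_addrs:
        return False, "message has no From address"
    if not allowed:
        return False, "certificate carries no e-mail address"
    for addr in from_addrs:
        if addr not in allowed:
            return False, f"{addr}: {_diagnose(addr, allowed)}"
    return True, "From matches certificate"

# Constructed sample data: the certificate names j.smith@example.com,
# but the outbound mail server rewrites From to a long-form alias.
CERT_ADDRS = ["J.Smith@example.com"]
AS_SENT = "From: John Smith <j.smith@example.com>\nSubject: report\n\nbody\n"
AS_REWRITTEN = "From: John Smith <john.smith@example.com>\nSubject: report\n\nbody\n"

if __name__ == "__main__":
    for label, raw in (("as sent", AS_SENT), ("as rewritten", AS_REWRITTEN)):
        print(label, "->", check_from_against_cert(raw, CERT_ADDRS))
```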

