>Banks [use] a web interface, after the user logs in to their account. >So, what's missing in the email PKI model is two-sidedness. >Fairness.
Not really. What's missing is, if you'll pardon the phrase, a central point of failure. If you can persuade everyone to use a single system, it's not hard to make communication adequately secure. Look at Hushmail; if you believe that their internal processes are OK, you can set up an account and communicate quite securely with other Hushmail users on their web site, or for the more nerdy, you can use SSL IMAP and PGP to communicate with their central site. It's been limping along since 1999, I don't know anyone who uses it which says something about its actual utility. But that's not e-mail. The great thing about Internet e-mail is that vast numbers of different mail systems that do not know or trust each other can communicate without prearrangement. And of couse the awful thing about Internet e-mail is the same thing. It's hard to see any successful e-mail system in the future, secure or otherwise, that doesn't do that, since Internet mail killed all of the closed systems that preceded it. --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
