Anders Rundgren wrote:
IM[NS]HO, S/MIME encryption using PKI is one of the biggest security farces ever.
I don't see why.
Regarding the guide, I believe that e-mail encryption would be fairly common if it had been (generally) based on using a shared secret, because passwords are easier to use than PKI (for encryption NB).
This is nonsense. Passing a shared secret to somebody else would be impractical.
The biggest obstacle preventing people to use S/MIME (or even PGP) is that they don't have to. They are not forced by security policies, business contracts etc. to encrypt their e-mail. So they simply avoid additional work. This cannot be solved technically.
Ciao, Michael. _______________________________________________ dev-tech-crypto mailing list [email protected] https://lists.mozilla.org/listinfo/dev-tech-crypto
