Of course S/MIME encryption works for PKI experts. But how do I send an encrypted message to the IRS? (S/MIME have been largely funded by the US government).
Of course distributing shared secrets is awkward but it is done all the time over the entire globe and in massive way, any "idiot" can do it. Other (somewhat) related stuff to disagree with :-) http://www.imc.org/ietf-pkix/mail-archive/msg05022.html BR AR ----- Original Message ----- From: "Michael Ströder" <[EMAIL PROTECTED]> Newsgroups: mozilla.dev.tech.crypto To: <[email protected]> Sent: Tuesday, November 18, 2008 14:13 Subject: Re: How-to guide for email encryption Anders Rundgren wrote: > IM[NS]HO, S/MIME encryption using PKI is one of the biggest security > farces ever. I don't see why. > Regarding the guide, I believe that e-mail encryption would be fairly common > if it had been (generally) based on using a shared secret, because passwords > are easier to use than PKI (for encryption NB). This is nonsense. Passing a shared secret to somebody else would be impractical. The biggest obstacle preventing people to use S/MIME (or even PGP) is that they don't have to. They are not forced by security policies, business contracts etc. to encrypt their e-mail. So they simply avoid additional work. This cannot be solved technically. Ciao, Michael. _______________________________________________ dev-tech-crypto mailing list [email protected] https://lists.mozilla.org/listinfo/dev-tech-crypto _______________________________________________ dev-tech-crypto mailing list [email protected] https://lists.mozilla.org/listinfo/dev-tech-crypto
