Anders,

Anders Rundgren wrote:
> IM[NS]HO, S/MIME encryption using PKI is one of the biggest security
> farces ever.  Even the use-case is often wrong.  Somebody representing
> "e-Health" once described for a big audience how S/MIME encryption
> could be used to exchange private medical information between a doctor
> and a patient.  But medical treatment is a collective effort and it
> would be pretty wrong if the doctor was the only party who knew what
> medication or HIV test results the patient got.

S/MIME is not limited to 1 to 1 exchanges. It allows multiple recipients if they are also legally entitled to the information, or if it is relevant to them, such as other doctors, pharmacists, or nurses.

Also, even if there are only 2 parties in an original email exchange, no encryption method including S/MIME can prevent one of those parties from disclosing that information to other parties if they decide it's appropriate.

S/MIME is one tool to accomplish the job of relaying patient-doctor messages securely.

My insurance company chose to deploy webmail with an HTTPS interface with a shared-secret login (password) for secure messages between patient and doctors. As a result, I cannot (easily) archive the messages I receive and send locally. I have to log in to a web site every time to look at them. And that web site sets the archiving policy. To me, that's a pretty big inconvenience. I really wish that they had used S/MIME instead.

However, it's obvious that the system they deployed is much simpler to use than S/MIME. Still, my dietitian finds it too complicated, and can only be contacted through regular insecure email to this day.
_______________________________________________
dev-tech-crypto mailing list
[email protected]
https://lists.mozilla.org/listinfo/dev-tech-crypto
