Anders Rundgren wrote:

> IM[NS]HO, S/MIME encryption using PKI is one of the biggest security farces
> ever. Even the use-case is often wrong. Somebody representing "e-Health"
> once described for a big audience how S/MIME encryption could be used to
> exchange private medical information between a doctor and a patient. But
> medical treatment is a collective effort and it would be pretty wrong if the
> doctor was the only party who knew what medication or HIV test results the
> patient got.

Let's see if I understand what you're saying correctly. You're saying that S/MIME is not a good use case for confidential communications between doctor and patient, because it does too good a job of keeping a secret?

Who, besides the doctor and patient, has the right or obligation to read such doctor-patient communications and decide who else should see it?

Do you propose that systems that communicate doctor-patient information should offer weak protections for secrecy, so that others may snoop?

Do you propose the creation of a Big Brother agency to whom copies of doctor-patient communications must be sent in a way that BB can read them?

_______________________________________________
dev-tech-crypto mailing list
[email protected]
https://lists.mozilla.org/listinfo/dev-tech-crypto

