Julien R Pierre - Sun Microsystems wrote:
Michael,
Michael Ströder wrote:
Anders Rundgren wrote:
IM[NS]HO, S/MIME encryption using PKI is one of the biggest security
farces ever.
I don't see why.
Regarding the guide, I believe that e-mail encryption would be fairly
common
if it had been (generally) based on using a shared secret, because
passwords
are easier to use than PKI (for encryption NB).
This is nonsense. Passing a shared secret to somebody else would be
impractical.
I agree with you if you are talking about sharing that secret instantly
with any other random person line.
Yes, that's what I meant.
However, sharing secrets is done routinely with a limited number of
entities in a variety of ways, eg. you go to your bank to set your ATM
card pin, or (gasp) over the phone.
My insurance company sends a temporary password through postal (smail)
mail the first time you sign up for email access. I think you can also
sign up in person at the hospital.
Yes, it's also often done during cert enrollment.
Ciao, Michael.
_______________________________________________
dev-tech-crypto mailing list
[email protected]
https://lists.mozilla.org/listinfo/dev-tech-crypto
