On Mon, Sep 1, 2014 at 6:48 AM, Arnt Gulbrandsen <[email protected]> wrote: > The web of trust hasn't failed? > > The number of people with email addresses has grown to perhaps a quarter of > humanity. Meanwhile, the number of people who use PGP seems to have been > more or less stable for the past 15 years (I'd love to see better numbers on > that, but who might be in a position to collect that?). What's the threshold > for success then?
One of the main reasons PGP failed is that people wanted it to succeed so desperately. So nobody would speak up about the problems. As if wishful thinking alone would solve everything. Robert Owen, the father of the factory system set up a socialist utopian commune in the US which was the first of its kind. It failed in the exact same ways that numerous later attempts also failed. Because people didn't want to question the ideology and acknowledge the problems which is the first step to solving them. Other communes did look at the problems and did not fail in the same ways. No one trust model is going to fit every need. Which is why the trust model mechanics should be separated out from the client for the time being. One very powerful tool for addressing the problem is that we distinguish the first contact use case from the continued contact use case. Alice is sending a message to Bob, she has never met Bob in person, she has only got his email address from a Web site. But it is Bob she wants to talk to and this might not be [email protected]. So in this situation I don't think she is going to be immediately sending Bob really confidential secrets. I think it is going to be perfectly adequate to use key distribution mechanisms such as key servers and the like for establishing this connection. Securing further conversation is quite a bit easier. We can exchange a fingerprint in band and make Alice enter it manually or we can use strong email addresses which are just a bit of syntactic sugar (aka usability) thrown on top. We can even send the contact information inband in email headers: To: <[email protected]> From: <[email protected]> Reply-To: <[email protected]> Encrypt-To: <ACAIEA-FONPAC-5AC6LFA-K4ACHC-EAJWAHN-VPAM4A-COYPAO-VAA?al...@example.com> Hi Bob, wanna talk to me? Unlike PEM headers, we are not sending several Kb of extra data per message. We are only sending the information required to locate the cert chain and validate it. We are not sending unnecessary data. _______________________________________________ Endymail mailing list [email protected] https://www.ietf.org/mailman/listinfo/endymail
