On Tue, Sep 02, 2014 at 12:42:17PM +0200, Steffen Nurpmeso wrote: [...]
> If with introduction of the new german passport every receiver had > also obtained a set of usable PGP and OpenSSL S/MIME keys and/or > certificates -- at best with a small info flyer which would have > shown how to import those into the tools of the most widespread > operating systems -- the situation would surely be better in > Germany. I think it is much easier to impersonate someone by e-mail when you have the private key to their identity than when you steal a passport. The picture in the passport means that most men cannot use a stolen woman's passport, and most kids cannot use an older person's passport, and so on. But with the private key to an identity someone can be impersonated over e-mail by almost anyone. For these reasons, I do not think that handing out cryptographic identities would be responsible unless there was a suitable key management framework for people to use and they knew how to use it. [...] > Providers could include a free certificate with each account, > which would enable their users to choose security by themselves > (on a per-provider basis). Do you mean providers of e-mail services? Handing out cryptographic identity certificates or similar to people who do not understand the risks or benefits and do not have a suitable key management framework doesn't seem a great idea to me. I think it makes more sense to start with the fundamentals rather than hoping they'll come along some time after widespread deployment. _______________________________________________ Endymail mailing list [email protected] https://www.ietf.org/mailman/listinfo/endymail
