On Tue, Jul 30, 2013 at 4:20 AM, Ralph Holz <[email protected]> wrote: > I am not sure I agree with the OPSEC issue. There are a bunch of > synchronised SKS key servers. As for people's capability to judge > others' accuracy in determining identity, well... is that so much worse > than a CA system, where a CA does only an e-mail check, but no EV? > > Furthermore: > * With the current weakness of the CA system (all CAs are equal), I > trust PGP a whole lot more
*snip* For "us" that's meaningful - is it for most people? Even 1%? Also - I wasn't clear at all - when I cited OPSEC I also meant if you want to use S/MIME in a PGP self-generated and distributed fashion you can do so. So what's not to say that a community or lets say EFF managed S/MIME issuing server w/ the Mozilla Foundation involved or what-not isn't, in practical terms, a much faster pathway to encrypted email adoption? That's what I'm getting at. Do we have a way to end-route the problem we're not taking advantage of? > What makes PGP more attractive to me is the higher degree of control I > can exercise. Exactly - agreed. Entirely. Also the problem w/ the adoption. Higher degree of ~responsibility~ also... So I'm trying to figure out if this is another situation where the people doing the advocating (the proverbial "us") aren't thinking about the end-user reality. And - in this case - if we have a perfectly acceptable security model within reach that requires tweaks to S/MIME or tweaks to PGP. And are the "tweaks" to S/MIME such that it's more readily attainable on a broad organizationally supported basis (again giving EFF and Mozilla Foundation as sponsoring suggestions)... Thank you for the time of your response, Cheers, -Ali -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at [email protected] or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
