On Tue, Jul 30, 2013 at 4:49 AM, Guido Witmond <[email protected]> wrote: > My biggest beef with S/MIME is the certificates of the CA's. > > The CA's validation policy requires you to prove your real world > identity to them. Which they then write into the certificate. > > It means that each and every email is tagged with your true identity for > life. No thanks....
Self-signed S/MIME certs work just fine - however, you lose part of the ease-of-use. I'm really talking about in the context of today's PRISM (and friends) discussions with ~everyone~... Also - I'm still not sure "we" can't solve that between the various organizations that are pushing these privacy issues and the browser vendors. A community trusted CA that conforms to whatever rules EFF and EPIC come up with (as one suggestion). To confirm - so far the object (the main one) - is the CA dependency... I get that. Alright. -Ali -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at [email protected] or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
