Michael Str�der wrote:
>Well, you can mark any certificate of another person as trusted for
>e-mail in Communicator.
>
But, as already pointed out, until the recipient does that, it will
appear as "bogus" (which is plain wrong). That's enough to make
self-signed certs unusable in practice with less computer-savvy
communication partners.
>You can validate that certificate by
>fingerprint in prior to using it. I call that playing web-of-trust
>with X.509 certificates like PGP (peer-to-peer PKI). It is already
>possible and should be possible in the future.
>
But PGP allows for more sophisticated webs of trust. OTOH, you can have
a PGP cert signed by a CA (some CAs actually do offer that). PGP's model
seems to be a strict superset of S/MIME's. See www.openpgp.org for a bit
longer discussion.
>>That's why I think that PGP is more suited for the masses.
>>
>I think this assumption is not that generally true. Even though PGP
>people repeat it all the time.
>
I don't repeat anyone here (apart from myself maybe). That's the
conclusion that I came to myself, with my own reasoning and without much
external influence.
>In my experience most users will not verify any PGP fingerprint.
>
Let's say I don't. Where is the problem? *I* don't need any
correspondance of a "virtual person" (represented by a cert/key) to a
real-life entity. I only need ensurance that it's always the same
virtual person. For that, I don't need to check fingerprints - I only
need to make sure that my software complains about a new key with an
existing name/email-address. In the few cases where I do need
correspondance to real-life, it is usually trivial to check the fingerprint.
They only exception I know is when I start to make business with
people/companies that I never met in RL (but I might need to sue them,
if they don't comply to contracts). But then again, we are in the
business sector again, while much of the email correspondance is
strictly private (private as in non-business).
>The truth about proper PKI deployment lies in between both
>extreme positions and depends on your special deployment scenario.
>
Right, and PGP is more flexible (in my view, see above). Thus, PGP
allows for better interoperation.
>>See also earlier thread about PGP vs. S/MIME.
>>
>This was discussed to dead so many times. IMHO the PGP people always
>have the attitude to have the *right* solution without providing any
>bullet-proof arguments.
>
I didn't say that I have the "right" solution. What I stated at the
bottom was not a serious proposal (note the joking smily!). I do think
that PGP is more important than S/MIME, at least in the long term, and
thus should be an integral and major part of the considerations. And
that self-signed S/MIME certs definitely should get better support than
they have in 4.7. I am aware that S/MIME is important for some
institutions that have it already deployed.
For completeness: What should be realized in the PGP vs. S/MIME
discussion is the *wide* support for PGP in the software.
Almost every major email client, including many open-source ones like
Mutt and TkRat and including MS Outlook [Express], has support for PGP
intergrated (integrated in the UI - you need to install it separately in
some cases). The absolute number of PGP-supporting mailers is probably
dozens. The only major mailer that I know that does *not* (yet) support
PGP is Communicator/Mozilla.
OTOH, I know of only exactly 4 clients that support S/MIME: Netscape
Communicator 4.x, MS Outlook [Express] and Lotus Notes. No open-source
mailer supports S/MIME. (I don't count pipe tricks here, because hardly
anybody uses that.)
This software-support is probably one of the reasons (not the only one)
why PGP has such a large followership, especially in the open-source sector.
>>>How might we improve them in this new version?
>>>
>>Drop S/MIME, use PGP ;-P.
>>
>Certainly not.
>
