Ben Bucksch wrote:
>
> Michael Str�der wrote:
>
> >Well, you can mark any certificate of another person as trusted for
> >e-mail in Communicator.
> >
> But, as already pointed out, until the recipient does that, it will
> appear as "bogus" (which is plain wrong). That's enough to make
> self-signed certs unusable in practice with less computer-savvy
> communication partners.
"[EMAIL PROTECTED] has an unknown certificate issuer" is a quite
understandable status message. I can't see how it makes "self-signed
certs unusable in practice". Yes, maybe the Mozilla implementors
could add a quick button to display the fingerprint and ask the user
whether to mark it as trusted or not (after enough warnings).
> >You can validate that certificate by
> >fingerprint in prior to using it. I call that playing web-of-trust
> >with X.509 certificates like PGP (peer-to-peer PKI). It is already
> >possible and should be possible in the future.
> >
> But PGP allows for more sophisticated webs of trust. OTOH, you can have
> a PGP cert signed by a CA (some CAs actually do offer that).
1. The PKI for S/MIME is X.509v3 (or PKIX) which principally allows
every kind of trust relationship you might imagine (see bridge CAs,
cross-certification, etc.).
2. If you have "a PGP cert signed by a CA" you get pretty close to
what X.509 is. And these CAs have exactly the same problems with
checking the identity like X.509 CAs => the certification workflow
will get complicated which you considered to be an obstacle for
S/MIME deployment (and you have give away your personal data which
you considered to be a privacy issue with S/MIME).
> PGP's model seems to be a strict superset of S/MIME's.
Then I have to assume you don't have much knowledge of X.509.
> >>That's why I think that PGP is more suited for the masses.
> >>
> >I think this assumption is not that generally true. Even though PGP
> >people repeat it all the time.
> >
> I don't repeat anyone here (apart from myself maybe). That's the
> conclusion that I came to myself, with my own reasoning and without much
> external influence.
If you look at a registration/certification workflow which you could
consider to be fairly secure you will notice that such a process
*is* complicated no matter if you issue a X.509 cert or a certified
PGP key at the end of the process. It's just a data format. The
difficulties with identity checking, naming problems etc. are the
same.
I refuse to start a detailed debate here. There are many PKI papers
by skilled people available for free where the general PKI
deployment problems are described. If you read them carefully you
will find out that these are inherent problems, not problems of a
specific technical specification.
> >In my experience most users will not verify any PGP fingerprint.
> >
> Let's say I don't. Where is the problem? *I* don't need any
> correspondance of a "virtual person" (represented by a cert/key) to a
> real-life entity. I only need ensurance that it's always the same
> virtual person. For that, I don't need to check fingerprints - I only
> need to make sure that my software complains about a new key with an
> existing name/email-address. In the few cases where I do need
> correspondance to real-life, it is usually trivial to check the
> fingerprint.
This is more or less your personal point of view suitable for a very
limited sort of application.
> They only exception I know is when I start to make business with
> people/companies that I never met in RL (but I might need to sue them,
> if they don't comply to contracts). But then again, we are in the
> business sector again, while much of the email correspondance is
> strictly private (private as in non-business).
Most of my e-mail traffic is business-related. Your mileage may
vary.
> For completeness: What should be realized in the PGP vs. S/MIME
> discussion is the *wide* support for PGP in the software.
Let me tell you something: In my business nobody even considers
deploying PGP at all. Never ever. If I'm hired as PKI consultant I
don't even have to ask whether they want to deploy PGP or X.509. In
large companies it will be X.509, nothing else. Your mileage may
vary. Therefore your definitions for "masses" and "wide support" are
probably *very* different from mine. My definition of mass use is
that two companies with 10000+ PKI users are connecting their PKIs
together via cross-certification or a bridge CA (which is a rare
case off-course).
> Almost every major email client, including many open-source ones like
> Mutt and TkRat and including MS Outlook [Express], has support for PGP
> intergrated (integrated in the UI - you need to install it separately in
> some cases). The absolute number of PGP-supporting mailers is probably
> dozens.
And what does that say about the relevance of PGP in *my* business?
> The only major mailer that I know that does *not* (yet) support
> PGP is Communicator/Mozilla.
I have absolutely no objections against adding PGP support to
Mozilla. But you have to accept that even though dozen of MUAs are
actually supporting PGP it might not be important at all for people
deploying a PKI in a large scale.
> OTOH, I know of only exactly 4 clients that support S/MIME: Netscape
> Communicator 4.x, MS Outlook [Express] and Lotus Notes. No open-source
> mailer supports S/MIME.
So what? Your list contains exactly the MUAs installed at my
customer's companies. Do you think they care about Open Source MUAs
like mutt, TkRat, etc.?
> This software-support is probably one of the reasons (not the only one)
> why PGP has such a large followership, especially in the open-source
> sector.
You should rather say: "PGP has such a large followership, solely in
the open-source sector."
Or a variant: "PGP has such a large followership, especially in the
open-source sector because the open-source sector is full of people
not looking at the market at all."
Ciao, Michael.
