. > > By PRISM-class I mean an attack that attempts pervasive surveillance with > budgets in excess of $100 million rather than the PRISM program in particular.
Rather than using a word like PRISM-class to mean something other than what it sounds like (which is a good idea), invent a new term or just say what you mean. > > Neither OpenPGP nor S/MIME is capable of providing protection against this > class of attack because they are not widely enough used. We can only hope for > these to be useful if at least 5% of Internet users start sending mail > securely. I understand what you are trying to say, but you have now created an objection that all new protocols fail against. So now nothing can meet the requirements because it has to be born with a user base. I have been saying that something new should use components that are available now. Each of OpenPGP and S/MIME suffer from nothing more than cruft accumulated over time and things we can do better from the start because we have an additional 20+ years of thought and techniques. Throwing them out because we can and should just do better is both bold and simple. Jon _______________________________________________ perpass mailing list [email protected] https://www.ietf.org/mailman/listinfo/perpass
