At 5:59 PM -0500 2/24/06, John Kelsey wrote:
>What we ultimately need is encryption and
>authentication that are:
>
>a. Automatic and transparent.
>
>b. Add some value or are bundled with something that
does.
>
>c. Don't try to tie into the whole horrible set of PKI
standards in
>terms of uniquely identifying each human and bit in the
universe, and
>getting them to sign legally binding messages whose full
>interpretation requires reading and understanding a
30-page CPS.
We have the preamble and (a) already; the problem is that
the
preamble is insufficient. What we ultimately need is
encryption and
authentication *and validation of the authentication* that
match at
least (a).
Currently, it is the validation of the authentication that
makes most
users uninterested. When you get a message from Bob that
comes with a
warning that says "I cannot tell whether or not Bob
really sent
this", but you are sure that Bob actually sent that
(due to some
out-of-band knowledge), you lose faith in the system. When
Bob has
the same problem with your messages, you give up.
For signed personal mail, (b) and (c) may be mutually
exclusive. Why
sign your messages if you don't want to be held liable for
their
contents? How can you get the reward of integrity without
the cost of
responsibility?
Given those two hurdles, my hopes for authenticated mail
near zero. I
have some hopes for authenticated syndicated messages
through Atom or
RSS, but not this year. The hardest part there will be (c),
but there
are many environments where signing one-way mail is quite
appropriate, particularly in replacing paper messages.
The demand for encryption of personal email is perpetually
low.
Without a legal requirement, it will probably always be a
small niche
market.
--Paul Hoffman, Director
--VPN Consortium
------------------------------------------------------------
---------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe
cryptography" to majordomo metzdowd.com
|