[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: PGP, Inc.

To: [email protected]
Subject: Re: PGP, Inc.
From: "E. ALLEN SMITH" <[email protected]>
Date: Mon, 6 May 1996 15:57 EDT
Cc: [email protected]
Sender: [email protected]

From:	IN%"[email protected]"  "Raph Levien"  5-MAY-1996 13:47:16.83

>   "Observers say SMIME's capabilities will let it replace software
>   based on the PGP code, which is widely used. Unlike SMIME, which uses
>   a structured certificate heirarchy, PGP relies on pre-certification
>   of clients and servers for authentication, a limitation SMIME doesn't
>   face."

	Can one use a web-of-trust for S/MIME, for the cases when a structured
hierarchy is exactly the _wrong_ thing to use? I'd think so, but I don't know
anything about it.

>   Thus, it's a reasonable guess that almost all S/MIME messages that
>pass through the wires will offer "virtually no protection," to quote a
>phrase from a paper co-authored by the principal designer of S/MIME's
>encryption algorithms
>(http://www.bsa.org/policy/encryption/cryptographers.html).

	A public breaking of some S/MIME messages would work to discourage
this unsafe mechanism. One wonders if PGP Inc. could sponsor some variety of
contest?
	-Allen

Follow-Ups:
- Re: PGP, Inc.
  - From: Raph Levien <[email protected]>

Prev by Date: More on spectrum allocation
Next by Date: More on Internet connections
Prev by thread: Re: PGP, Inc.
Next by thread: Re: PGP, Inc.
Index(es):
- Date
- Thread