[20109] in cryptography@c2.net mail archive
Re: NPR : E-Mail Encryption Rare in Everyday Use
daemon@ATHENA.MIT.EDU (Alex Alten)
Sun Feb 26 10:20:52 2006
X-Original-To: cryptography@metzdowd.com
X-Original-To: cryptography@metzdowd.com
Date: Fri, 24 Feb 2006 20:05:52 -0800
To: Ben Laurie <ben@algroup.co.uk>, Ed Gerck <edgerck@nma.com>
From: Alex Alten <alex@alten.org>
Cc: Paul Hoffman <paul.hoffman@vpnc.org>, cryptography@metzdowd.com
In-Reply-To: <43FF1F48.7060806@algroup.co.uk>
At 02:59 PM 2/24/2006 +0000, Ben Laurie wrote:
>Ed Gerck wrote:
>We have keyservers for this (my chosen technology was PGP). If you liken
>their use to looking up an address in an address book, this isn't hard
>for users to grasp.
I used PGP (Enterprise edition?) to encrypt my work emails to a distributed
set of
members last year. We all had each other's public keys (about a dozen or so).
What I really hated about it was that when fred@company.com sent me an email
often I couldn't decrypt it. Why? Because his firm's email server decided
to put
in the FROM field "fred@server.company.com". Since it didn't match the email
name in his X.509 certificate's DN it wouldn't decrypt the S/MIME attachment.
This also caused problems with replying to his email. It took us hours, with
several experimental emails sent back and forth, to figure out the root of
the problem.
No wonder PKI has died commercially and encrypted email is on the endangered
species list.
- Alex
--
- Alex Alten
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
