[20156] in cryptography@c2.net mail archive
Re: NPR : E-Mail Encryption Rare in Everyday Use
daemon@ATHENA.MIT.EDU (Alex Alten)
Tue Feb 28 14:42:17 2006
X-Original-To: cryptography@metzdowd.com
X-Original-To: cryptography@metzdowd.com
Date: Sun, 26 Feb 2006 16:04:53 -0800
To: Ben Laurie <ben@algroup.co.uk>
From: Alex Alten <alex@alten.org>
Cc: Ed Gerck <edgerck@nma.com>, Paul Hoffman <paul.hoffman@vpnc.org>,
cryptography@metzdowd.com
In-Reply-To: <4401E197.7050404@algroup.co.uk>
At 05:12 PM 2/26/2006 +0000, Ben Laurie wrote:
>Alex Alten wrote:
> > At 02:59 PM 2/24/2006 +0000, Ben Laurie wrote:
> >> Ed Gerck wrote: We have keyservers for this (my chosen technology
> >> was PGP). If you liken their use to looking up an address in an
> >> address book, this isn't hard for users to grasp.
> >
> > I used PGP (Enterprise edition?) to encrypt my work emails to a
> > distributed set of members last year. We all had each other's public
> > keys (about a dozen or so).
> >
> > What I really hated about it was that when fred@company.com sent me
> > an email often I couldn't decrypt it. Why? Because his firm's email
> > server decided to put in the FROM field "fred@server.company.com".
> > Since it didn't match the email name in his X.509 certificate's DN it
> > wouldn't decrypt the S/MIME attachment. This also caused problems
> > with replying to his email. It took us hours, with several
> > experimental emails sent back and forth, to figure out the root of
> > the problem.
> >
> > No wonder PKI has died commercially and encrypted email is on the
> > endangered species list.
>
>I trust you don't think this is a problem with PKI, right? Since clearly
>the issue is with the s/w you were using.
I place the blame squarely on X.509 PKI. The identity aspect of it is all
screwed up.
No software implementation can overcome such a fundamental architectural flaw.
- Alex
--
- Alex Alten
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
