ietf-822
[Top] [All Lists]

RE: RHijacked Addresses

2002-08-05 13:19:29

At 12:56 PM -0700 8/5/02, Dan Wing wrote:
 > At 8:49 PM +0200 8/4/02, Jacob Palme wrote:
 >I am not a security expert and do not understand why.
 >Possible causes could be:
 >
 >- Competing standards where unity is needed.

 Not true for email. S/MIME has been built into most widely-used MUAs
 for many years; almost no one uses it.

Not to be confused with PGP, the Other Standard.  Which isn't built
into many MUAs but does have plugins for nearly all major MUAs.

If a user needs a plugin, it is not easily available.

  And
is used by some people -- it's certainly easier to use with a group
of people than S/MIME.

Among groups of technically-savvy people, yes. Among typical users, no. Pre-trusted roots are much simpler to use than webs of trust. They are, of course, much less safe.

As an implementor, there isn't a simple choice of which to implement --
you have to implement both to cover cases of customers that prefer
one over the other.

So few users have any preference that this becomes moot.

--Paul Hoffman, Director
--Internet Mail Consortium

<Prev in Thread] Current Thread [Next in Thread>