--- Craig McGregor <Craig(_dot_)McGregor(_at_)treasury(_dot_)govt(_dot_)nz>
wrote:
Actually I ask the same question in reverse. There really
needs to be some pretty good reasons why we would even
consider S/MIME.
S/MIME is common building block in many systems today.
That's simply not true in terms of Internet email. None of the major Internet
email progams or email services have any code relating to S/MIME. Ask sendmail?
Do they have embedded S/MIME? No. Ask qmail. Does it have embedded S/MIME? No.
Ask AOL do they have embedded S/MIME? No. Ask Yahoo. Do they have embedded
S/MIME? No. Ask postfix. No. Ask exim. No. Ask smail. No. Ask SpamAssassin. No.
Ask procmail. No. The list goes on.
Apart from exchange. S/MIME is not a common building block in any significant
email program that deals with Internet email.
If you rule out all of the above, you're left with a tiny minority - perhaps
1-2% of email programs facing the Internet that *might*, just *might* have
those S/MIME building blocks in them.
S/MIME has loads of running code
No it doesn't. It exists in enclaves only and it processes an irrelevantly
small amount of Internet email. A lot of people may have written S/MIME code,
but the exposure to non-enclave Internet email is virtually non-existent.
Much more than a "niche" player I wouldn't you think?
I think not.
The Internet carries 100+B messages per day. Can you elaborate (with more than
hand-waving) on what proportion of that constitutes S/MIME email to non-enclave
participants? My guess is vastly less than 1% - which surely constitutes a
niche player at best.
Mark.