ietf-mailsig
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Narrow the scope: no new email signature protocol

2004-10-07 09:24:44
from [domainkeys-feedbackbase01] [Permanent Link] 

--- Andrew Newton <andy(_at_)hxr(_dot_)us> wrote:



On Oct 7, 2004, at 2:49 AM, domainkeys-feedbackbase01(_at_)yahoo(_dot_)com 
wrote:


S/MIME is not a common building block in any significant
email program that deals with Internet email.


Except for Outlook and Mozilla based MUAs.  That's a lot of programs.


Come on Andy; the discussion clearly relates to internet email transport
programs - those that are most interested and are most likely to be early
participants in MASS. Citing Mozilla and Outlook in this context is unlikely to
sway MTA authors.


The Internet carries 100+B messages per day. Can you elaborate (with 
more than
hand-waving) on what proportion of that constitutes S/MIME email to 
non-enclave
participants? My guess is vastly less than 1% - which surely 
constitutes a
niche player at best.


How much is being handled by DK successfully?


A good question. We expect, within a number of months, that more
*Internet-transport-email* will be DK signed and potentially verified than
S/MIME. The whole point is that we want to move beyond hand-waving for
something as potentially disruptive as MASS.


Given your statement above, I doubt this would do much to change your 
mind.


Not so. All I'm suggesting is that nothing less than real-world, relevant
evidence, is what is needed prior to making credible claims in MASS space. Do
you think anyone will be sufficiently convinced with less than that?


Well, if you've got data or hard-core experience suggesting that S/MIME 
(or PGP) will not work, let's hear it.  You've obviously got some deep 
prejudice against S/MIME.  If it has a problem, I do not want to use 
it.


The deep prejudice has been identified numerous times. Suggesting S/MIME for
MASS is to impose a new and disruptive format of email on the whole transport
infrastructure. That creates a mind-boggling risk, IMO.

Like it or not, until that risk is comprehensively addressed and proven not to
be a problem, S/MIME is unlikely to be taken seriously by those who have to
implement, deploy and live with the consequences of MASS.

The trivial part of MASS is the engineering. As others have said, the hard part
of MASS is convincing a huge deployment to change. Expounding on the problems
of S/MIME is not an agent of change - it's merely flailing on an IETF mailing
list. Something I promise not to do to further.


Mark.
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: costs of different approaches, Rand Wacker
Next by Date:  signature semantics-my take, rbarclay
Previous by Thread:  Re: Narrow the scope: no new email signature protocol, Andrew Newton
Next by Thread:  Re: Narrow the scope: no new email signature protocol, Andrew Newton
Indexes:  [Date] [Thread] [Top] [All Lists]