In
<198A730C2044DE4A96749D13E167AD375A29FE(_at_)MOU1WNEXMB04(_dot_)vcorp(_dot_)ad(_dot_)vrsn(_dot_)com>
"Hallam-Baker, Phillip" <pbaker(_at_)verisign(_dot_)com> writes:
The limited security assurances provided by S/MIME are the result of the
Did you mean DKIM here instead of S/MIME?
limitations of DNS as a key distribution mechanism. Defining the
interfaces to existing PKI work such as PKIX and XKMS is all that is
required to provide the type of end-to-end security assurances and
persistent signature guarantees that S/MIME is intended to provide.
If you didn't mean DKIM, could you please explain why S/MIME has
limited security assurances?
/me is confused
The likelihood that DKIM will replace the S/MIME signature component
does not however mean that S/MIME supporters should see it as a threat,
[...]
There is a potential win-win situation here, if we are prepared to look
at the bigger picture.
Agreed.
-wayne