ietf-openpgp

Re: [openpgp] Can the OpenPGP vs. S/MIME situation be fixed?

2016-08-16 15:29:55
On Sun, Aug 14, 2016 at 10:37 AM, ianG <iang(_at_)iang(_dot_)org> wrote:


Right - that word legacy.  My experiences are that you can get both of the
tech stacks to handle the requirements with enough nailing and pain.  But
at some point the tech stack starts to interfere too dramatically, and
you're better off starting again.

One issue to bear in mind is that we are talking about a rather narrow and
dated concept - email.  In the pre-web world, all comms was basically
email.  Most comms these days is not email.  And, what we knew about what
was interesting in the late 1980s early 1990s is no longer the text book.
Other methods/views/requirements are much more interesting.

Which is to say, we could narrow the scope so that we could get these
tools to finally slay the dual standard dragon, but we'd still be slaying a
beast that is no longer big and scary.

iang, chiming in yonks late.


My thoughts pretty much.

I see three possible paths towards convergence and I am trying for all
three.

1) Converge S/MIME and OpenPGP standards to the point that they are
functionally interoperable. So just like the fact that 120V and 240V are
still in use, pretty much every laptop you buy will work on either without
issue. The supply voltage is no longer an issue for most equipment.

2) As in (1) above but the systems merge to the point that one or the other
'wins'.

3) Propose a completely new infrastructure that might supersede both
because it offers a major functional advance.

I don't see much point in a third standard that does the same as OpenPGP
and S/MIME. But where there is opportunity is to offer wider functionality.

* If I have someone's public key, I should be able to contact them securely
by mail, chat, messaging, voice or video.

* Integrating proxy re-encryption into the system so that it is possible
to have end to end secure confidential mailing lists, controlled document
distribution and support for individually keyed devices.

Right now I am looking at how to make use of proxy re-encryption as a
'clean slate' proposal. Once I get that working we can look at the system
and decide whether it makes sense to back-engineer it into legacy systems
or not.