This is not an objection to web-of-trust. In a separate standard such as
Open
PGP, it has a very useful place. But it should be just that--embedded in a
separate standard. Let the market decide, not some partisans of one
commmercial interest or another, and please do not corrupt a good trust
model
(for its purposes) to try to make it universal.
I fail to see the dichotemy. The difference between PGP and X.509 as
implemented in Outlook Express or Explorer is much less than the
marketing implies.
PGP certificates have severe liability problems that would make it
difficult for anyone to offer a commercial CA service. Somehow I don't
like the idea of signing a contract with an unspecified and unlimited
relying party liability.
Once the PEM dogama of a rigid hierachy is abandoned there is only
one major difference between PGP and X.509. In the PGP model
everyone issues certificates, in the X.509 model there are people
who issue certs and people who only use them.
Existing clients have the capability to add certs for non native roots
(try the cert I used to sign this!). Supporting the PGP trust model
in S/MIME means no more than someone writing 'My Personal
Cert Server' as a certain resident of Redmont WA has suggested.
The decision to trust someone to certify other keys is intrinsically
more onerous than the decision to trust their particular key. Hence
my grandmother is unlikely to be trusting a David Sternlight key
signed by Tim May any time soon. Trusted third parties genuinely
add value.
If explicitly supporting the PGP web of trust model will end the
pointless message format battle and get the PGP userbase to
realize that S/MIME has won the email security standards war
I am all for it. There are 25 million clients in the hands of end
users today. I want to see everything done to encourage people
to start using them.
PGP's Web of Trust is no threat to the CA model. If that population
of 25 million folk each certify ten users the minimum diameter of
the resulting graph is seven. That means that folk are going to have
to deal with certificate paths of seven certs on a regular basis. - and
that's with less than 1% of the planet's population using it!
I don't think many people would want to depend on cert paths longer
than 2 certs unless the issuers were making very strong assurances
about the subjects. This implies that there have to be at least some
nodes with very high degree which in turn implies specialist CAs.
Something that attempts to be all things to all men will inevitably end up
being nothing to no one.
Which read literally implies everyone is partially satisfied!
Seriously, lets not go goring folks favourite oxen when they can be
roasted instead.
Phill
smime.p7s
Description: S/MIME cryptographic signature