Yes. :-)
But with an e-mail process in front of it.
So if someone wants to run such a service altruistically, it'll suffer from
lack of voluntary uptake.
Alternatively, if someone wants to run such a service and make it required,
it'll suffer from lack of a business model.
The problem is that there are so many ways normal end users have to know about
to get access to only partial space of S/MIME certs.
The real problem is S/MIME is a solution looking for a problem.
The first problem is that the generally perceived need for end-to-end email
integrity and confidentiality outside corporate and government networks is low.
Most common use cases are primarily met by opportunistic TLS between MTAs,
which is generally (though slowly) increasing
(http://www.google.com/transparencyreport/saferemail/?hl=en) and not under the
user's control.
The second problem is that in all environments normal end users don't know
squat about cryptography and have an exceedingly hard time grappling with it.
As simple as S/MIME and certificates appear to us, to most users it's an
impenetrable fog. In the environments I support, we've had to resort to
deploying MUA plugins to try to detect cases where integrity or confidentiality
should be employed and prompt (or force) the user to comply. These kinds of
technological fixes to people problems are usually a good sign of failure.
-- T
_______________________________________________
smime mailing list
smime(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/smime