Am 14.05.2021 um 22:28 schrieb John R Levine <johnl(_at_)taugh(_dot_)com>:
Right, hence my note about LE for S/MIME.
LE is quite clear they won‘t issue certs for S/MIME:
https://community.letsencrypt.org/t/s-mime-certificates/153/2
I‘m not familiar with the internal thinking at LE on this topic, but I guess
one strong argument is the complexity of regularly renewing the certificates,
which is one or two orders of magnitude worse than for server certificates.
It‘s actually even worse, because MUAs (or „security gateways“) need to „learn“
new certs regularly, even if communication is less frequent than the renewal
interval of the certificates.
The other argument may be that people will sometimes lose their private key
(been there myself, I still have part of my mail archive from the late 1990ies
encrypted with a long lost PGP key…).
Still, these and similar issues can be technically solved (or accepted as a
trade-off).
How can ietf-smtp help in paving the way for such an adoption?
— Matthias
_______________________________________________
ietf-smtp mailing list
ietf-smtp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf-smtp