ietf
[Top] [All Lists]

Re: authenticated email

2003-06-03 17:55:02
I have tried both s/mime and pgp, well in fact still trying to use pgp.

The main problem is an implementation problem, where a bad and popular
version of Outlook was crashing when trying to verify the signature.

Now it all comes down to a global PKI, be it SSL/TLS or PGP. PGP has got
it running at an individual user level with the www.keyservers.net but
for TLS NO CA will deliver a certificate that can sign other
certificates (corporate e-mail certificates). I think there are some
attempt to do that...

If you look back on this list you will see a thread called GLOBAL PKI
where there was a lot of discussion at the time...

For spamming having signed e-mail is good as you can trace back
(traceability). But are you responsible when a virus on your computer
sends signed e-mail with a virus attachment.

At a SPAM meeting before INET2002 a company talked about certifying
advert....

Well all the options are open, but going to have a mainstream digital
signature is the goal...

Cheers
Franck

On Wed, 2003-06-04 at 09:13, Harald Tveit Alvestrand wrote: 

I thought I'd try this....

is there any particular disadvantage or centralization of power implied in 
me signing this message with my PGP key?

If not, is there any particular reason that I shouldn't do this all the 
time?

It's not a solution, but is there a downside?

                  Harald Alvestrand, wondering.....




-- 

Franck Martin <franck(_at_)sopac(_dot_)org>

SOPAC
<Prev in Thread] Current Thread [Next in Thread>