S/MIME works pretty well for the government. Well-known, limited set of roots,
a huge IT staff, physical certificate devices, and Marines with guns for key
distribution.
Not the same environment for the rest of us, however.
Sent from my mobile device. Thanks be to LEMONADE:
http://www.standardstrack.com/ietf/lemonade
S2ERC: http://s2erc.georgetown.edu/
GCSC: http://gcsc.georgetown.edu/
Me: http://www.cs.georgetown.edu/~ eburger
-------- Original message --------
From: Phillip Hallam-Baker <hallam(_at_)gmail(_dot_)com>
Date:12/03/2013 10:15 PM (GMT-05:00)
To: Jim Gettys <jg(_at_)freedesktop(_dot_)org>
Cc: Eric Burger <eburger(_at_)standardstrack(_dot_)com>,IETF Discussion
<ietf(_at_)ietf(_dot_)org>
Subject: Re: [rtcweb] Alternative decision process in RTCWeb
On Tue, Dec 3, 2013 at 10:15 AM, Jim Gettys <jg(_at_)freedesktop(_dot_)org>
wrote:
On Tue, Dec 3, 2013 at 10:06 AM, Eric Burger
<eburger(_at_)standardstrack(_dot_)com> wrote:
Agreed. The problem is not that people cannot choose between S/MIME or PGP. The
problem is few people use anything.
Both fail the usability by mere mortals test, much less the usable by most
geeks test... So the experiment is meaningless.
+1
Basically S/MIME was implemented to gain checklist compliance and little else.
It didn't have to work well, it just had to satisfy the government procurement
requirement. PGP meanwhile suffered from an excess of ideological commitment.
If we only had one standard it would have been harder for people to ignore the
problems.
I find the defeatism quite depressing. If we know the reason the previous
efforts have failed, all we need to do is to address them and try again.
--
Website: http://hallambaker.com/