John,
I'll address only the name issues, not the PGP patent
infrigmenet issues.
First, PEM didn not invent distinguished names for use in
certificates, we adopted an international standard for certificates in
which the form of names is defined.
Second, althohgh DNS names, as cited in your message, are
widely used and workable, they are deficient in many ways. First,
many (most?) DNS names terribly US-centric. We really ought not have
the top level domains for COM, EDU, ORG, GOV, MIL, etc. There are
carryovers from the early days of the Internet. Top level domains as
countries are more appropriate for a system, with internationl
aspirations. Although there are lots of users registered under DNS,
that does not mean that DNS will scale well into the commercial arena,
where conflcits over who has rights to short names (often acronyms)
will arise. We already are having problems with delegation of naming
authority in the DNS in an increasingly fractious new world order.
So, inductive logic applied to the success of DNS names to date is not
persuasive when arguing about names for an ever growing system.
Third, DNS names, because they tend to be short, are often not
very descriptive. In general you cannot tell, a priori, whether my
mailbox at BBN is STK, SKENT, STKENT, or KENT. In any large
organization short name conflicts arise quickly as first or first and
middle initial differentation leads to conflicts. What PEM wants are
globally unique names which can easily be related to real world
attributes, so that the likelihood of name collision errors do not
permeate secure email exchanges.
Fourth, PGP embodies the "Friends and Family" certification
model, which requires out-of-band arangements and a potentially
complex trust model to assign trust accuracy to name binding (not the
the entities identified by the names) implied by this mesh
certification model. While that may work well for modest numbers of
users, there is considerable belief that it does not scale well for
tens of millions of users on a worldwide basis, nor that it will
support business demands for certification assurance.
John, you cite the relative success of PGP deployment vs. PEM
as indicative of user preference for a system which requires less of
an infrastructure. That may be true, but I don't believe that the
results are in yet. It is often easier to build and deploy a system
with minimal infrastructure requirements and, perhaps, more modest
goals for scaling, assurance ranges, etc. PEM has more agressive
goals and, as a result, requires more infrastructure. Ultimately time
will tell which strategy proves more successful. (Even that is not a
certain indication of which is "better.")
Steve