Fourth, PGP embodies the "Friends and Family" certification
model, which requires out-of-band arangements and a potentially
complex trust model to assign trust accuracy to name binding (not the
the entities identified by the names) implied by this mesh
certification model. While that may work well for modest numbers of
users, there is considerable belief that it does not scale well for
tens of millions of users on a worldwide basis, nor that it will
support business demands for certification assurance.
John, you cite the relative success of PGP deployment vs. PEM
as indicative of user preference for a system which requires less of
an infrastructure. That may be true, but I don't believe that the
results are in yet. It is often easier to build and deploy a system
with minimal infrastructure requirements and, perhaps, more modest
goals for scaling, assurance ranges, etc. PEM has more agressive
goals and, as a result, requires more infrastructure. Ultimately time
will tell which strategy proves more successful. (Even that is not a
certain indication of which is "better.")
I just want to point something out at this point. The PGP trust
model, while based upon a "web of trust" model, does not rule out the
ability to impose a rigorous hierarchy on top of it. For example,
there is nothing stopping me from converting the ISOC root public key
to a PGP-readable certificate, and then, assuming I trust that key, I
now have the trust model that PEM imposes.
The difference between PEM and PGP, and why I think that PGP is doing
so well, is that PEM imposes this structure, and doesn't work without
it, which PGP *allows* this structure, but doesn't require it, and
works just as well with it as without it!
Yes, it is easier to make a system without an infrastructure, but
there is nothing that says that the infrastructure MUST exist, and if
a system *needs* the infrastructure in order to work, then something
is wrong with that system (IMHO).
Someone mentioned the need for naming? What's wrong with an e-mail
address? For example, how many "warlord(_at_)MIT(_dot_)EDU"'s are there in the
world? I understand the need to a non US-centric internet (notice the
lower-case 'i'), but when the domain names change, then so will my
e-mail address.
Being able to determine the mailbox address for a user with
whom you have nevert exchanged email is a goal of directory services
such as X.500.
Why? If I've never spoken to someone, why would I *want* to send them
e-mail? Because someone gave me their name? Well, then, I ask them
for the e-mail address as well, at the same time.
Think "email address == phone number."
I *USE* my e-mail address like my phone number... In fact, I think I
give people my e-mail address *MORE* than I give them my phone number.
Now, this may be a result of the crowd I'm in, but I don't tend to
agree with that.
The point of PEM is to provide Privacy Enhanced Mail, not Secure
Personal Assurance of Identity, Electronic or Otherwise, isn't it?
-derek