From: Doug Porter <dporter(_at_)well(_dot_)sf(_dot_)ca(_dot_)us>
Subject: Re: >Purpose of PEM
Message-Id:
<93Aug8(_dot_)010305pdt(_dot_)14229-2(_at_)well(_dot_)sf(_dot_)ca(_dot_)us>
Date: Sun, 8 Aug 1993 01:02:48 -0700
Doug wrote:
Multiple respondents also expressed that their potential
customers want privacy most. That matches what I hear from our own
customers, who for earlier products have definitely included many of the
Fortune 1000.
What the developers here want is crystal clear. They've said they want
privacy first.
Doug,
I believe you'll find two poles -- almost disjoint groups.
For EDI purposes (something I predict will be the majority of public-key
use, someday), the most important thing is authentication/authorization. I
don't see anyone using PEM for EDI yet, but I could just be slow. We're
not using it here for EDI, at any rate.
For personal e-mail, for me, the most important thing is privacy -- and
since the majority of my correspondents were acquired by e-mail, the
idea of certificates is nonsense. All that matters to me with these
people is that today's message came from the same person as last month's.
I formed trust based on last month's message -- not based on some
corporate affiliation.
For the *few* old friends with whom I have encrypted mail (people for whom
association between key and flesh-and-blood might matter to me), I can
verify keys easily and out of band. I don't need a certificate structure
for that.
- Carl
- <<Disclaimer: All opinions expressed are my own, of course.>>
- Carl Ellison
cme(_at_)sw(_dot_)stratus(_dot_)com
- Stratus Computer Inc. M3-2-BKW TEL: (508)460-2783
- 55 Fairbanks Boulevard ; Marlborough MA 01752-1298 FAX: (508)624-7488