Bob,
SFVPM (Send Flames Via Personal Mail). To save time I'm only going to
respond to the important parts of your message.
Yes, for public key encryption you need the other guy's real key, just as
you need the other guy's real address. Somehow we manage to get usable
addresses even while directory services such as X.500 are still optional,
and largely nonexistent. We can get keys using similar methods. The
biggest argument against these alternatives seems to be that "they don't
scale well". That's almost exactly equivalent to saying 10 years ago that
the Internet and USENET wouldn't scale well. They already have. The only
real bump is Internet's fixed size for IP addresses, and that issue is
easy to solve in any new system.
Bob, your own comments have shown that a Persona will be treated as a
clown suit.
Like most people here I want privacy. I don't want third party
authentication or non-repudiation or chrome tailfins or fuzzy dice on
every single message. This obvious option isn't yet in PEM.
Doug