Date: Wed, 30 Mar 94 18:53:34 EST
From: jueneman%wotan(_at_)gte(_dot_)com
But what a scary thought you raised --
the reason why no one is using PEM is because no one has any
secrets, and everyone trusts everyone else. What will we security
types do to make a living? Where is Robert Morris Jr. when we
really need him! :-)
Just a data point. There are currently roughly 3,620 PGP keys on the
PGP key servers --- despite the fact that use of PGP generally entails
violation of RSA DSI's patents. (Note that this number only includes
those people who have published their keys; others, due to the patent
issue, may not have published their keys on the key servers, and so
would not be counted in this figure.)
There are also people using RIPEM as well.
Meanwhile, we haven't even been able to get our act together to generate
a PEM root key; my understanding is that this at least partially related
to the liability involved in running a root which *everyone* has to
trust, although there may be other show stoppers as well.
So there definitely is at least some amount of demand for secure
electronic mail using RSA. It's just that by and large, people just
aren't using PEM to satisfy their needs.
- Ted