Peter Williams wrote:
Further, S/MIME's signed
+ encrypted message format reveals the identity of the signatory. My
argument is simply that the relative quality is still controversial.
S/MIME reveals the name in the certificate. Under issuing
policy this may or may not refer to an identity of a real
world object.
S/MIME key distribution design faciliates users knowing
whether the name is likely to be real or a mere personae.
I still maintain that, from a usability standpoint, protecting the
identity of signatories in encrypted messages would work a whole lot
better than juggling a slew of personae.
I have come to believe that the theoretical capabilities of e-mail
encryption protocols are not the best way to evaluate them. What's more
important is what can be done straightforwardly and transparently, as
seen from the perspective of the actual user. It is the latter which
determines the security features that will actually be used in the
field.
From this point of view (which is admittedly controversial), S/MIME
has a number of important weaknesses with respect to PGP. In particular,
it seems inevitable that (a) the identities of signatories will be
broadcast on the Net, and (b) the vast majority of encrypted messages
will be encrypted using 40-bit encryption.
The task of picking a winner is best left to the market.
S/MIME can be operated in PGP mode, and I expect to see
this emerge shortly.
Let me add my puzzled voice to Derek's query. What, exactly, does
this mean? I have been participating on the imc-miso-start mailing list,
which is chartered to identify, justify, and resolve the differences
between PGP, S/MIME. and MSP. I have seen _no_ substantial progress
towards integrating S/MIME and PGP.
Raph