Re: Why are mail servers not also key servers?

["John Levine" <johnl@taugh.com>]

In article <3BAB6CADBB6CA243A443E7C6674F2AB4082F04A1D6@PTPTVDEX02.PTPortugal.corpPT.com> you write:
>Thanks Paul. We're considering untrustable email/DNS/... servers. OK.	
>
>This particular email hasn't any jurisprudence value. However, it could have the same value as a registered letter, couldn't it?

Postal mail isn't a very good analogy here.  Registered postal mail
depends on a trusted third party, the government post office, to make
assertions about the mail it handles.  It typically provides two
services.  One is reliable delivery of valuable physical objects like
jewelry which doesn't apply to e-mail.  The other is to prove that one
party sent a message to a second, even if the second party doesn't
want it and won't sign for it.  (The usual example is a letter from
your insurance company saying they've canceled your policy.)  In the
US they're separate services Registered and Certified mail, elsewhere
they're usually combined.

E-mail crypto doesn't do either of those things.  A digital signature
says that this message really came from whoever, with the physical
analogy being a notary stamp.  Encrypted e-mail doesn't promise that
the mail will be delivered, but makes a negative promise that it will
not be delivered to (or at least read by) anyone but the person with
the key.

If a recipient is cooperative, and sends you back a message signed
with the same key to which you encrypted the message, that tells you
he got it, but that's not a very interesting case.

In the real world we have centuries of law and practice that tell
notaries how to verify someone's identity, and tell recipients what
the value of a notary stamp is.  In e-mail, we have the web of trust
for PGP and for S/MIME third party CAs (or DANE domain assertions)
none of which map very well into the way we manage identities in the
normal world.

R's,
John