RE: Sad situation!!!
Peter Williams <peter@verisign.com> Thu, 03 October 1996 13:07 UTC
Received: from cnri by ietf.org id aa02334; 3 Oct 96 9:07 EDT
Received: from neptune.hq.tis.com by CNRI.Reston.VA.US id aa09226; 3 Oct 96 9:07 EDT
Received: from neptune.tis.com by neptune.TIS.COM id aa04852; 3 Oct 96 8:31 EDT
Message-Id: <01BBB053.9C290A10@Peter.verisign.com>
From: Peter Williams <peter@verisign.com>
To: "pem-dev@tis.com" <pem-dev@tis.com>, "'Frederik H. Andersen'" <fha@dde.dk>
Subject: RE: Sad situation!!!
Date: Wed, 02 Oct 1996 11:19:41 -0700
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Sender: pem-dev-approval@neptune.tis.com
Precedence: bulk
Frederick, Its not believable, given the personal credibilty problems which would result, that a PGP trademarked product will ever support key recovery, with mandatory access to confidential material, by third parties, including potential covert (wrt to the subscriber) access by law enforcement. This inability to support a feature which US corporate users demand almost make PGP a commercial product disaster, in that corporate market. (The above assumes, corporates do in fact demand key recovery, to control access to their own property.) Does PGP have a major place in the market to which its always appealed. Of course. Does it have appeal to the general purpose residential market. We will see, and I wish it luck, personally. PGPs destined lack of ubquity however, suggests that, it will not become an actual standard for general interoperabilty between internet folk, corporate, residential, or civil libertarians, alike. Now, the standards situation would be reversed if PGP were to permit key escrow. However, full ubiquity would still be lost, as the traditional PGP users group will no doubt refuse to use the product, and many current distributors of the public-domain version would be morally forced, on civil liberatarian grounds, to cease distribution (or be labelled hypocrits). Whilst underground PGP will inevitably continue to thrive, its denotation as an internet standard will be as suspect as today. Peter. ---------- From: Frederik H. Andersen Sent: Wednesday, October 02, 1996 2:04 AM To: pem-dev@tis.com Cc: pgp-mime@purpletape.cs.uchicago.edu; smime-dev@RSA.COM; resolving-security@imc.org; iesg@ietf.org Subject: Sad situation!!! Hi! I have followed for years now the attempts to produce a workable secure email standard which also would be (or become) widely implemented - in US as well as elsewhere! I think the situation is very sad! The efforts have more or less failed and vendor specific standards seems to prevail - all with seemingly unusable (short keys) security features; even serious X.400 based proposals exists! It seems to me, that the only usable solution will have to be based on PGP somehow! Why? Because PGP supports unlimited strong cryptographic features, is widely used, is available in the public domain in US as well as outside US, and is also available as a commercial product! The MIME specifications seemed to promise a solution for secure mail but still the standards are not widely accepted and adopted. And even more sad, the most widespread use of MIME is in the WWW/http domain where seemingly only vendor specific standards survive :-( If I ruled the world (!) the PGP/MIME integration had been finalized years back, all mail user agents and Web browsers and servers would have support for this in the form of external hooks so export related problems were avoided. For really performance important products development teams outside the US would have integrated PGP more directly into their products! Those of you that more or less agree, please tell me: Is there still hope? Where am I wrong? What's happening about PGP 3.0? Those of you that are happy that I'm not in charge: What alternative security product do or will match the (potential?) capabilities of PGP? Yours, Frederik
- RE: Sad situation!!! Peter Williams
- Re: Sad situation!!! Bill Sommerfeld
- RE: Sad situation!!! Peter Williams
- RE: Sad situation!!! michel (m.) ranger
- RE: Sad situation!!! Peter Williams
- RE: Sad situation!!! michel (m.) ranger
- RE: Sad situation!!! michel (m.) ranger