Re: [TLS] the use cases for GSS-based TLS and the plea for
Russ Housley <housley@vigilsec.com> Fri, 27 July 2007 20:21 UTC
Return-path: <tls-bounces@lists.ietf.org>
Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1IEWJN-0002jA-Vg; Fri, 27 Jul 2007 16:21:21 -0400
Received: from [10.90.34.44] (helo=chiedprmail1.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1IEWJM-0002j5-PS for tls@ietf.org; Fri, 27 Jul 2007 16:21:20 -0400
Received: from woodstock.binhost.com ([66.150.120.2]) by chiedprmail1.ietf.org with smtp (Exim 4.43) id 1IEWJJ-00060o-Be for tls@ietf.org; Fri, 27 Jul 2007 16:21:17 -0400
Received: (qmail 31429 invoked by uid 0); 27 Jul 2007 20:21:10 -0000
Received: from unknown (HELO THINKPADR52.vigilsec.com) (67.97.210.2) by woodstock.binhost.com with SMTP; 27 Jul 2007 20:21:10 -0000
X-Mailer: QUALCOMM Windows Eudora Version 7.1.0.9
Date: Fri, 27 Jul 2007 15:21:11 -0500
To: ietf-smime@imc.org, ietf-pkix@imc.org
From: Russ Housley <housley@vigilsec.com>
Subject: Re: [TLS] the use cases for GSS-based TLS and the plea for
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format="flowed"
X-Spam-Score: 0.0 (/)
X-Scan-Signature: a7d6aff76b15f3f56fcb94490e1052e4
Cc: tls@ietf.org
X-BeenThere: tls@lists.ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.lists.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@lists.ietf.org?subject=unsubscribe>
List-Archive: <http://www1.ietf.org/pipermail/tls>
List-Post: <mailto:tls@lists.ietf.org>
List-Help: <mailto:tls-request@lists.ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@lists.ietf.org?subject=subscribe>
Errors-To: tls-bounces@lists.ietf.org
Message-Id: <E1IEWJN-0002jA-Vg@megatron.ietf.org>
Excuse the cross-post, but this message seems relevant to these lists as well as TLS. Russ = = = = = = = = = = Date: Sat, 28 Jul 2007 04:17:33 +1200 From: pgut001@cs.auckland.ac.nz To: martin.rex@sap.com Subject: Re: [TLS] the use cases for GSS-based TLS and the plea for Cc: tls@ietf.org Martin Rex <Martin.Rex@sap.com> writes: >I spent an hour until I gave up. All implementations of S/Mime-capable >MUAs are so horribly broken that even someone with a technical >understanding runs into brick walls everywhere. It's not just S/MIME clients. The PARC study found that people with *PhDs in computer science* took, on average, over two hours to set up a cert for their own use (using paint-by-numbers screenshots as instructions), rated it as the hardest computer task they'd ever been asked to perform, and had no idea what they'd done to their computer when they were finished. PKI people who reviewed the paper were shocked at this, since they assumed that anyone could do it in a few minutes. (There's lots more like this in the two refs I gave. HCISec is a real eye- opener on the real-world effectiveness of security technology :-). Peter. _______________________________________________ TLS mailing list TLS@lists.ietf.org https://www1.ietf.org/mailman/listinfo/tls _______________________________________________ TLS mailing list TLS@lists.ietf.org https://www1.ietf.org/mailman/listinfo/tls
- Re: [TLS] the use cases for GSS-based TLS and theā¦ Russ Housley