[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Authentication and email
At 5:54 PM +0100 2/11/03, Harald Tveit Alvestrand wrote:
realistically....
in email, security is available whenever two users want it, have
mail systems that implement it, and there is no bit-damaging
component between them.
at the moment I can't send secure mail between my two mail readers
(because I have not upgraded one of them with the
optional-to-install security components).
and about 50% of the time I see PGP-signed mail, I get the "I don't
trust this" beep, for one reason or another.
At the point where the IETF sets down a single interoperable standard
for email security, this situation is likely to improve. It is even
more likely to improve if that standard is not based on other
standards that have known interoperability issues.
Realistically, that won't happen, but we can always hope. But we can
learn the lessons from this debacle and try to not make the same
mistakes with other IETF protocols.
--Paul Hoffman, Director
--VPN Consortium