Re: Evaluation: draft-ietf-pilc-link-design - Advice for Internet Subnetwork Designers to BCP

[Russ Housley <housley@vigilsec.com>]

Patrik:

> > 1.  PGP is mentioned in the 3rd paragraph.  S/MIME should also be 
> > listed.  S/MIME is included in every major mail agent (except the one 
> > from Qualcomm).  While S/MIME suffers from the lack of ubiquitous 
> > certificate enrollment, PGP suffers from the lack of integration into 
> > mail stream mail agents.  In my opinion, either mention both or neither.
> I agree in general, but, my guess is that the text is as it is as it 
> describes what is in use.
>
> Personally, I receive pgp-signed email every day, but have never got an 
> email signed with S/MIME, _except_ from Jeff Schiller a few times.
>
> And for the email programs I have used, I have always found PGP plugins 
> but never S/MIME. No, I have never used Netscape mailer or outlook. Only 
> pine, mh, eudora, mulberry and apple mail.app.
>
> Note that the paragraph start with saying what is deployed and in use. I 
> claim S/MIME is not in use on the global Internet.
>
> If you have other data, please let me know. It would be bad if I am wrong 
> here.
>
> That said, if S/MIME is really in use on the global Internet, of course it 
> should be mentioned. That it is implemented, or used in closed 
> environments is though not enough for me.
I see significant use of S/MIME, but it is not as significant as I would 
like.  The reason for less than ubiquitous usage (in my opinion) is that it 
is too difficult to get certificates.  It is not something that my Dad 
could do.  This is something we need to make a lot easier.  I was expecting 
to see a BoF on this subject in San Francisco, but the organizers 
evaporated.  I am going to try and get different people to carry the effort 
forward.

Russ