>> This is probably due to the fact that these efforts are not based on what
>> the US government needs but what the Internet community needs.

>I fail to see who exactly "the Internet community" is. Maybe that's the 
>reason I don't understand the problem.

I don't claim to be the definer of this term so I can only give examples
that shows what *I* refer to.

S/MIME is a scheme that has failed to deliver value except
in local communities.  I.e. a typical US government solution.
DKIM is a transparent signature scheme that in spite of being
10 years too late is already securing many more messages than
S/MIME.

The German e-invoice scheme is another example of
extreme misuse of technology that will forever (=until 
the current generation of security experts retire...) make
PKI.DE a very expensive and complex solution.  I note
(with mixed feelings) that some Swedish companies have
found a profitable niche by offering support for German
e-invoices which among many things involves stacks
smart cards emulating an office filled with invoice clerks.
We somewhat more lazy people just put a single non-
personal certificate (like a Verisign web-server cert) and
a key in a HSM to sign outgoing invoices which scales
globally without requiring monstrosities like Bridge CAs..

Anders
_______________________________________________
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto

Reply via email to