<snip> >Now, if the discussion can be steered to how Mozilla's crypto can succeed at >becoming as popular as Skype may be, WITHOUT it having to resort to >- closed source, >- proprietary designs (restricted intellectual property), >- being a closed system with no interoperability, >that may be worthwhile for this forum, IMO.
Which indeed was the ONLY reason why I started this thread. What I see as the problem is how to achieve Skype-level popularity, or even reaching just 0.1% of that (with respect to use of encryption), without retiring schemes like the current standard for secure e-mail. This may as I and also Ian have pointed out, probably involve some kind of compromises, because perfect security does not work on an Internet-scale, it only works in a lab or require a competence which isn't available. Regarding encryption, the case for that in the business sector is mainly to secure messages between partners but still be able to log/monitor/control messages passing the organization border. Microsoft's Outlook in fact supports this out-of-the-box albeit through entirely proprietary methods. For consumers there are two roads to encryption and one is through the use of "trusted providers". Trusted providers DO NOT necessarily mean that messages are point-to-point encrypted but due to commercial reasons it may turn out that this is about the only thing available in order to get a free Gmail, Yahoo!, or Hotmail account. That means that if your goal is perfect (end-to-end) encryption your best choice would be to run your own provider rather than assuming that your certificate or whatever you use will be generally welcome. Note though that for consumer-to-business- person communication end-to-end encryption can never be guaranteed due to the requirements stated earlier. A requirement for general usage is that there is no need to backup old keys because then your'e dead. Anders _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
