<snip>
>Now, if the discussion can be steered to how Mozilla's crypto can succeed at
>becoming as popular as Skype may be, WITHOUT it having to resort to
>- closed source,
>- proprietary designs (restricted intellectual property),
>- being a closed system with no interoperability,
>that may be worthwhile for this forum, IMO.

Which indeed was the ONLY reason why I started this thread.

What I see as the problem is how to achieve Skype-level popularity,
or even reaching just 0.1% of that (with respect to use of encryption),
without retiring schemes like the current standard for secure e-mail.

This may as I and also Ian have pointed out, probably involve
some kind of compromises, because perfect security does not
work on an Internet-scale, it only works in a lab or require
a competence which isn't available.  Regarding encryption,
the case for that in the business sector is mainly to secure messages
between partners but still be able to log/monitor/control messages
passing the organization border.  Microsoft's Outlook in fact supports
this out-of-the-box albeit through entirely proprietary methods.

For consumers there are two roads to encryption and one is
through the use of "trusted providers".  Trusted providers DO NOT
necessarily mean that messages are point-to-point encrypted
but due to commercial reasons it may turn out that this is about
the only thing available in order to get a free Gmail, Yahoo!,
or Hotmail account.

That means that if your goal is perfect (end-to-end) encryption
your best choice would be to run your own provider rather
than assuming that your certificate or whatever you use will be
generally welcome.  Note though that for consumer-to-business-
person communication end-to-end encryption can never be
guaranteed due to the requirements stated earlier.

A requirement for general usage is that there is no need
to backup old keys because then your'e dead.

Anders
_______________________________________________
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto

Reply via email to