Re: Creating a Global User-level CA/Trust Infrastructure for SecureMessaging

2008-11-27 Thread Kyle Hamilton
I wish I could wave my hands and say "it's a non-issue" like you. Unfortunately, I'm the one who has to try to explain how to use these things. Unfortunately, I'm the one who has to deal with the tech support calls. When I can't figure it out (and I've been trying for over a decade), how the fuck

Re: Creating a Global User-level CA/Trust Infrastructure for SecureMessaging

2008-11-27 Thread Michael Ströder
Anders Rundgren wrote: Michael Ströder wrote: Ian G wrote: * it has no open + effective key distribution mechanism. (I exclude the LDAP stuff as that is generally for internal / corporates, and is not a general solution for the users.) Just exchanging signed S/MIME e-mails is quite easy f

Re: Creating a Global User-level CA/Trust Infrastructure for SecureMessaging

2008-11-27 Thread Anders Rundgren
Michael Ströder wrote: >Ian G wrote: >> * it has no open + effective key distribution mechanism. (I exclude >> the LDAP stuff as that is generally for internal / corporates, and is >> not a general solution for the users.) >Just exchanging signed S/MIME e-mails is quite easy for most users. The

Re: Creating a Global User-level CA/Trust Infrastructure for SecureMessaging

2008-11-27 Thread Michael Ströder
Just to clarify: I also see a lot of practical problems to be solved when encrypting/signing e-mails. And I supported real end-users doing so. But these are not caused by S/MIME (or PGP) standards themselves. Ian G wrote: * it has no open + effective key distribution mechanism. (I exclude the L

Re: Creating a Global User-level CA/Trust Infrastructure for SecureMessaging

2008-11-27 Thread Michael Ströder
Anders Rundgren wrote: >> So what is then real problem? >> 1. The European Smart Card industry who do not want to become suppliers >> of commodities. >??? >Each time I talked to smartcard vendors they were keen on selling their >stuff. The more the better. You mean there is a standard b

Re: Creating a Global User-level CA/Trust Infrastructure for SecureMessaging

2008-11-27 Thread Anders Rundgren
Michael Ströder wrote: Let me comment on a few things. We do not disagree with all but we look from different angles. >But crypto tokens are not suitable for S/MIME encryption keys because of >the growing key history needed. So one has to distinguish PKI-enabled >applications. Authentication

Re: Creating a Global User-level CA/Trust Infrastructure for SecureMessaging

2008-11-27 Thread Eddy Nigg
On 11/27/2008 01:22 PM, Ian G: How do we know whether the keys are managed properly? Good question! Well, it's a closed architecture & codebase, but it has been audited, so it bears comparison to any CA which operates a closed/audited procedure. Bullshit! That's about the same as CAs keeping c

Re: Creating a Global User-level CA/Trust Infrastructure for SecureMessaging

2008-11-27 Thread Ian G
Michael Ströder wrote: Anders Rundgren wrote: Ian G wrote: => Encrypting/signing must be made a business requirement in contracts. That's the whole point. And there's no technical solution for it. That's as close to a perfect dilemma as I've come across! It's not a business requirement, so

Re: Creating a Global User-level CA/Trust Infrastructure for SecureMessaging

2008-11-27 Thread Ian G
Eddy Nigg wrote: On 11/26/2008 05:30 PM, Ian G: Well, I don't see that. PGP and Skype both offer authenticated + confidential messages, without the "certificate" side of things. LOL, and how exactly? Or better, how can I validate that? Specially in the case of skype, we don't even know where

Re: Creating a Global User-level CA/Trust Infrastructure for SecureMessaging

2008-11-27 Thread Michael Ströder
Anders Rundgren wrote: It seems that you don't believe much in technical solutions as enablers. In fact I do. But still there are non-technical issues to be solved for which no technical solution exists. And I think that steadily inventing new standards is not a solution for establishing a t

Re: Creating a Global User-level CA/Trust Infrastructure for SecureMessaging

2008-11-27 Thread Anders Rundgren
Michael, It seems that you don't believe much in technical solutions as enablers. As a technologist I have a bit hard to cope with that :-) Let me take a practical example. In the EU most on-line banks use two-factor authentication. The majority of these use OTP (One Time Password) solutions