[3707] in cryptography@c2.net mail archive
Re: Wassenaar vs. CipherSaber
daemon@ATHENA.MIT.EDU (Enzo Michelangeli)
Sat Dec 5 10:37:04 1998
From: "Enzo Michelangeli" <em@who.net>
To: <jim@acm.org>, <cryptography@c2.net>
Date: Sat, 5 Dec 1998 09:24:12 +0800
-----Original Message-----
From: Jim Gillogly <jim@acm.org>
To: cryptography@c2.net <cryptography@c2.net>
Date: Saturday, December 05, 1998 8:43 AM
Subject: Re: Wassenaar vs. CipherSaber
[...]
>I would dearly love to see a bite-sized implementation that really solves
>the world-wide secure communications problem by offering transparent
>strong encryption. Perhaps the holy grail would be a page describing a
>Netscape plug-in that would magically make its mail transparently secure.
>
>Failing that, how about the long-awaited OpenPGP plug-in for Netscape mail?
Netscape mail, with its S/MIME capability, is already an excellent tool. It
only has two real disadvantages vs PGP:
1. Getting X.509 certificates from commercial CA's is expensive and
bothersome
2. Out of the US, it's only available in crippled strength.
However, the point 1. could be easily circumvented by a simple-to-use
"personal CA" signing certificate requests to provide self-signed certs,
which will be authenticated out-of-band (e.g., checking the fingerprint over
the phone): after all, that's how usually PGP is used - very few people,
AFAIK, use the web of trust. And the point 2. has already been solved by
Fortify and others by patching the code.
Am I missing something?
Enzo
