Search Mailing List Archives

Limit search to: Subject & Body Subject Author
Sort by: Reverse Sort
Limit to: All This Week Last Week This Month Last Month
Select Date Range     through    

[liberationtech] Why ~not~ S/MIME?

Ali-Reza Anghaie ali at
Tue Jul 30 01:28:12 PDT 2013

On Tue, Jul 30, 2013 at 4:20 AM, Ralph Holz <holz at> wrote:
> I am not sure I agree with the OPSEC issue. There are a bunch of
> synchronised SKS key servers. As for people's capability to judge
> others' accuracy in determining identity, well... is that so much worse
> than a CA system, where a CA does only an e-mail check, but no EV?
> Furthermore:
> * With the current weakness of the CA system (all CAs are equal), I
> trust PGP a whole lot more


For "us" that's meaningful - is it for most people? Even 1%?

Also - I wasn't clear at all - when I cited OPSEC I also meant if you
want to use S/MIME in a PGP self-generated and distributed fashion you
can do so. So what's not to say that a community or lets say EFF
managed S/MIME issuing server w/ the Mozilla Foundation involved or
what-not isn't, in practical terms, a much faster pathway to encrypted
email adoption?

That's what I'm getting at. Do we have a way to end-route the problem
we're not taking advantage of?

> What makes PGP more attractive to me is the higher degree of control I
> can exercise.

Exactly - agreed. Entirely. Also the problem w/ the adoption. Higher
degree of ~responsibility~ also...

So I'm trying to figure out if this is another situation where the
people doing the advocating (the proverbial "us") aren't thinking
about the end-user reality. And - in this case - if we have a
perfectly acceptable security model within reach that requires tweaks
to S/MIME or tweaks to PGP. And are the "tweaks" to S/MIME such that
it's more readily attainable on a broad organizationally supported
basis (again giving EFF and Mozilla Foundation as sponsoring

Thank you for the time of your response, Cheers, -Ali

More information about the liberationtech mailing list