Search Mailing List Archives


Limit search to: Subject & Body Subject Author
Sort by: Reverse Sort
Limit to: All This Week Last Week This Month Last Month
Select Date Range     through    

[liberationtech] Why ~not~ S/MIME?

Ali-Reza Anghaie ali at packetknife.com
Tue Jul 30 02:00:46 PDT 2013


On Tue, Jul 30, 2013 at 4:49 AM, Guido Witmond <guido at witmond.nl> wrote:
> My biggest beef with S/MIME is the certificates of the CA's.
>
> The CA's validation policy requires you to prove your real world
> identity to them. Which they then write into the certificate.
>
> It means that each and every email is tagged with your true identity for
> life. No thanks....

Self-signed S/MIME certs work just fine - however, you lose part of
the ease-of-use. I'm really talking about in the context of today's
PRISM (and friends) discussions with ~everyone~...

Also - I'm still not sure "we" can't solve that between the various
organizations that are pushing these privacy issues and the browser
vendors. A community trusted CA that conforms to whatever rules EFF
and EPIC come up with (as one suggestion).

To confirm - so far the object (the main one) - is the CA
dependency... I get that. Alright.

-Ali



More information about the liberationtech mailing list