1996-05-08 - Re: PGP, Inc.

Header Data

From: Raph Levien <raph@cs.berkeley.edu>
To: “E. ALLEN SMITH” <EALLENSMITH@ocelot.Rutgers.EDU>
Message Hash: 397ac8af963baf9b55daa4dda4b3008a0dea5c29952b27c3c0a5d62ca2c2d57a
Message ID: <318F622D.5ABACBD6@cs.berkeley.edu>
Reply To: <01I4E39N3LA28Y583T@mbcl.rutgers.edu>
UTC Datetime: 1996-05-08 00:16:27 UTC
Raw Date: Wed, 8 May 1996 08:16:27 +0800

Raw message

From: Raph Levien <raph@cs.berkeley.edu>
Date: Wed, 8 May 1996 08:16:27 +0800
To: "E. ALLEN SMITH" <EALLENSMITH@ocelot.Rutgers.EDU>
Subject: Re: PGP, Inc.
In-Reply-To: <01I4E39N3LA28Y583T@mbcl.rutgers.edu>
Message-ID: <318F622D.5ABACBD6@cs.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain


E. ALLEN SMITH wrote:
> 
>         Can one use a web-of-trust for S/MIME, for the cases when a structured
> hierarchy is exactly the _wrong_ thing to use? I'd think so, but I don't know
> anything about it.

   The S/MIME spec indicates the use of X.509v3 certificates, which, in
turn, are explicitly allowed to contain trust roots originating in the
client's local configuration. In other words, yes, the spec allows for a
Web of trust.
   The big question, of course, is how easy the key management will be
in such a case. Everything I've seen points to key management being
super-easy if you use VeriSign certs, and probably just as bad as PGP
otherwise. Unlike PGP, most e-mail clients will probably not come
configured with the capablity to sign other keys - in the X.500 world,
e-mail clients and "certification authorities" are two separate
applications.
   But it's too early to tell. There's a lot of ferment happening here.

Raph





Thread