From: Matt Blaze <mab@crypto.com>
Date: Sun, 12 Feb 95 09:25:57 PST
To: peace@bix.com
Subject: Re: the problem that destroyed PGP
In-Reply-To: <9502120550.memo.29017@BIX.com>
Message-ID: <199502121727.MAA20000@crypto.com>
MIME-Version: 1.0
Content-Type: text/plain



Peace@BIX.com writes:
>So finding a KeyID is the problem that destroys PGP eh?
>
...

I don't think anyone has suggested there's any one problem that
"destroys" PGP.  Several people have pointed out a number of problems
that limit PGP's scalability in various ways.  Its flat key ID
namespace is one.  Lack of functional modularity is another.  Its
fixed certification model is still another.  There are more, and
no doubt still others waiting to be discovered as the user base
grows.  Any secure communications system that aspires to large-scale
penetration, whether called "PGP" or something else, will have to
tackle these kinds of issues before it will be successful.  Some
of the issues are obvious, while others only become apparent after
some experience.  Scale, after all, has a way of turning easy
problems into surprisingly hard ones.

For whatever reason, PGP has attracted an almost cult-like following,
and this has so far helped the spread of secure email.  But this
cuts both ways; cult status or not, PGP has to continue to evolve
and adapt to large-scale, mainstream demands by applying the lessons
of other big systems.  If it doesn't, rest assured that companies
like Microsoft and AT&T will do just fine with whatever they decide
the market wants.

-matt