1996-03-09 - Re: A brief comparison of email encryption protocols

Header Data

From: Tatu Ylonen <ylo@cs.hut.fi>
To: perry@piermont.com
Message Hash: 012e1072de8f6b5e7bfff8a66b88f36734e16aeca45bc4e2ae25e02b3cc44a40
Message ID: <199603012035.WAA12723@trance.olari.clinet.fi>
Reply To: <199602292139.QAA18366@toxicwaste.media.mit.edu>
UTC Datetime: 1996-03-09 17:37:06 UTC
Raw Date: Sun, 10 Mar 1996 01:37:06 +0800

Raw message

From: Tatu Ylonen <ylo@cs.hut.fi>
Date: Sun, 10 Mar 1996 01:37:06 +0800
To: perry@piermont.com
Subject: Re: A brief comparison of email encryption protocols
In-Reply-To: <199602292139.QAA18366@toxicwaste.media.mit.edu>
Message-ID: <199603012035.WAA12723@trance.olari.clinet.fi>
MIME-Version: 1.0
Content-Type: text/plain

> > Now, consider adding a URL to every signature.  Lets even use your
> > URL, which is 35 characters long (and lets not even count the NULL or
> > length byte).  Adding this URL to 30000 signatures would add 1050000
> > bytes, or just over 1MB.  This is an increase in 12% of the keyrings!
> Yes, but we have to assume that the need for central key servers would
> go away if we had a way of distributing the data around, which would
> reduce the problem substantially...
> > On the other hand, using my method and your "URL" (clark.net) would
> > add only 10 bytes per sig, or 300k.  This is only a 4% increase.

The current PGP keyring model does not scale anyway.  Suppose one day
every user on the Internet will have a key...  It is not relevant
whether the space per key is 100 bytes, 1000 bytes, or 10000 bytes.
All of these sizes are small enough for it to be quick to transfer a
single key.  There will soon be no way to transfer and store the
entire key ring.  In the long run, the problem must be solved using an
entirely different, distributed architecture.