Yahoo releases internet standard draft for using DNS as public key server

martin f krafft madduck at
Fri May 28 20:40:26 EDT 2004

thus spoke Ed Gerck <egerck at> [2004.05.28.1853 +0200]:
> It's "industry support". We know what it means: multiple,
> conflicting approaches, slow, fragmented adoption --> will not
> work. It would be better if the solution does NOT need industry
> support at all, only user support. It should use what is already
> available.

While I fundamentally agree, a user-side approach will not work for
two reasons, at least:

  - The technology is too complex to be grasped. Users may be able
    to select encryption in their GUI, but they fail to understand
    the consequences. This is especially problematic on the receiver
    side, because no standard user knows how to handle a BAD
    SIGNATURE alert.

  - The infrastructure is not there. Two standards compete for email
    cryptography, and both need an infrastructure to back them up.
    Unless the governments do not settle on one standard and provide
    the necessary infrastructure, such as signing keycards or
    pocket devices capable of stream en/decryption, encryption is
    not going to be standard.

If everyone and their mother is supposed to use cryptography, then
the two points need to be addressed. And unless everyone (and their
mother) uses cryptography consistently, email is not going to be

martin;              (greetings from the heart of the sun.)
  \____ echo mailto: !#^."<*>"|tr "<*> mailto:" net at madduck
invalid/expired pgp subkeys? use as keyserver!
the unix philosophy basically involves
giving you enough rope to hang yourself.
and then some more, just to be sure.