X.509 / PKI, PGP, and IBE Secure Email Technologies
Victor Duchovni
Victor.Duchovni at MorganStanley.com
Fri Dec 9 15:46:45 EST 2005
On Thu, Dec 08, 2005 at 05:10:20PM -0800, Ed Gerck wrote:
> PGP is public-key email without PKI.
This is true for use in geodesic networks, but not true for
inter-organization email, one ends up introducing gateway systems, that
create an ad-hoc PKI of gateways that have exchanged keys and users
that have authenticated to the gateways when one of the sides has no
such gateway. Key management does not go away.
> So is IBE.
I disagree here, with IBE there still needs a way to securely obtain
the site public key for each site. Granted, you don't need a per-user
key, but this does not make the problem of key management go away.
My *personal* view is that patent encumbered technologies don't have a
major role to play in anything quite as ubiquitous as email.
--
/"\ ASCII RIBBON NOTICE: If received in error,
\ / CAMPAIGN Victor Duchovni please destroy and notify
X AGAINST IT Security, sender. Sender does not waive
/ \ HTML MAIL Morgan Stanley confidentiality or privilege,
and use is prohibited.
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list