Failure of PKI in messaging

Peter Saint-Andre stpeter at
Thu Feb 15 11:57:46 EST 2007

Leichter, Jerry wrote:

> On the other hand, the push/pull combination of spam and IM/SMS are well
> on their way to killing Internet mail.  

Video killed the radio star? I'm an IM partisan, but even I have given 
up on trying to kill off email.

> Meanwhile, the next generation of users is growing up on the immediacy
> of IM and text messaging.  Mail is ... so 20th century.

I prefer the phrase "second-millennium". :-)

> I think the whole notion of decentralizing *everything* has turned out
> to be a trap.  

Interestingly, the public communication systems that are "secure" 
(Hushmail, Skype, etc.) are all centralized. I can't claim that a 
decentralized approach like Jabber is secure, though we're working on it...

> Trust has
> *always* been based on personal contact, extended to organizations that
> work hard to have a "human face" on the one hand, and to various
> human-scale, humanly-transparent ways of reifying and rendering portable
> the smile and the handshake, from letters of credit to various business
> rating organizations (D&B, BBB), and so on.  Replacing that with some
> abstract cryptographic system that no one understands, no one can see or
> touch - and that ultimately can only be perceived as trustworthy if it
> comes from trustworthy institutions anyway - is just a non-starter.

Can't agree more. (Not that agreement is the sine qua non of discussion.)

> With this shaky base, it should perhaps not come as a surprise that
> after all these years of trying, we haven't managed to come up with
> human interfaces to these systems that actually allow them to work
> effectively in the human world.

So how do we abstract from or extend what (somewhat) works in the real 
world to something that might work in the online world?


Peter Saint-Andre
XMPP Standards Foundation

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 7358 bytes
Desc: S/MIME Cryptographic Signature
URL: <>

More information about the cryptography mailing list