[Cryptography] Size of the PGP userbase?

[Phillip Hallam-Baker]

On Thu, Dec 12, 2013 at 7:57 PM, Jon Callas <jon at callas.org> wrote:

>
> On Dec 12, 2013, at 4:04 PM, Phillip Hallam-Baker <hallam at gmail.com>
> wrote:
>
> Cool. Laudable goal. Even achievable. We did it at PGP Corporation. I'll
> add that despite the name "PGP Universal" it did S/MIME, too, and images a
> public key into both OpenPGP keys and S/MIME certificates.
>

What has changed here is Snowdonia has arrived.

This may not be the most relevant response to Snowden but it is the crypto
deployment that gives the end user the most security for the least effort.

It is also a platform we can build other message level features on.
Particularly as patents begin to expire.


I am planning to do PGP eventually to provide backwards compatibility. I
have even reserved hex keys of the relevant length for PGP fingerprints.

But I want to move beyond the plumbing. The interesting part is in the
trust model and that is where I want to be able to combine CA and peer
endorsements. They both bring different things to the table.

To make use of keys opportunistically I have to know if the recipient
prefers encrypted mail.



You can use the convention we did of keys.* to be a domain name for a
> key/cert server, as well. Our SMTP proxy would go ask the recipient domain
> for relevant certs and use them. My 2003 "Self-assembling PKI" paper gives
> the basic rundown of many, many techniques. They work amazingly well.
>

I will cite that in the longer version of the workshop paper where I am not
limited to 5 pages (!).

There are some differences between my approach and yours. But the big
difference is context. I think that we have a lot more people willing to
make the effort right now.

-- 
Website: http://hallambaker.com/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20131212/3f090559/attachment.html>