24 May
2002
24 May
'02
11:02 p.m.
On Thu, 23 May 2002, Adam Back wrote:
On Thu, May 23, 2002 at 03:05:49PM -0400, Adam Shostack wrote:
So what if we create the Cypherpunks Root CA, which (either) signs what you submit to it via a web page, or publish the secret key?
This won't achieve the desired effect because it will just destroy the S/MIME trust mechanism. S/MIME is based on the assumption that all CAs are trustworthy.
Which is, of course, a major flaw. S/MIME is of some value for internal corporate email for companies who can run their own CA. (The sort of people who used to be Xcert's customers.) S/MIME is of very little value outside of a closed intranet environment, for the simple reason that public CAs are mostly incompetent, untrustworthy, or both. -MW-