plugging in

[Alex Strasheim]

> Indeed -- the notion is that one could do things like put support for
> encrypted/signed pages or other cryptographic tools (I haven't checked
> if Netscape mail handles plugins, too) directly into Netscape where
> ordinary users could smoothly use them.

Doing tech support at my ISP has made me very skeptical of anything that
requires a plug in.  Most people aren't willing or able to download and
install them.  Obviously that's not a problem for large organizations who
want to run something internally -- they can make people install them and
provide support to make sure it happens.  But if you want to publish to
the mainstream of people who use the net, using a plug in is a very bad
idea. 

(I don't know anyone that doesn't design web pages for a living who's 
installed the shockwave plugin, for example.  I'm sure that people do, 
just not the people I know.  Only a marketing hack would download a 
couple of megabyte plug in to look at a soda company's web page.)

SSL has a lot of problems (Verisign's pound of flesh, signatures on sites 
rather than documents, etc.), and those problems make a PGP based system 
attractive.  But SSL's ubiquity (is that a word?) and the inherent 
kludginess of a PGP based plug-in make me think that the latter wouldn't 
have a snowball's chance in hell of catching on.