John L Fjellstad wrote on Thursday, April 05, 2007 10:43 AM -0500: > "Seth Goodman" <[EMAIL PROTECTED]> writes: > > > Instead, they built > > native S/MIME support into their MUA's, built a certificate store > > into their operating system and bought VeriSign. > > Couple of points. There are lots of stuff MS does that don't make > them money. Also, I don't believe they own VeriSign.
Like most other companies, MS certainly does things that don't earn a profit. Also like other companies, they generally don't support initiatives that get in the way of other plans. SSL created a market for trusted certificates and CA's. More importantly, it enabled casual web commerce, which was very important to the MS vision of a web supported by advertising and sales of products. Web commerce was much more likely to succeed with a small number of universally trusted CA's, whose identities are distributed with the OS, than with the ad hoc trust networks of individual end users. S/MIME created a second opportunity to earn profits by issuing and serving certificates for email. PGP end users asked their associates to assure the association between their identity and their public keys and published signed keys on free public servers, so there was little profit potential. The two protocols also had different audiences. S/MIME addressed the needs of institutions that would gladly pay for certificates if end users would trust them, while PGP was for human rights workers that needed secure encryption but had no money, or technical end users that favored it for personal/political reasons. One need not invoke any bad intentions to see why S/MIME was a rational choice by MS. On the ownership of VeriSign, MS and VeriSign have collaborated closely, but MS does not appear to own them. I don't recall where I got that idea and I apologize for the error. -- Seth Goodman -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
