On Mon, 12 Feb 2024, Dave Crocker wrote:
1. S/MIME has been around for 25 years. While it has gained respectable amounts of implementation in MUAs, it has achieved use only in specialized environments.
Google could greatly accelerate its uptake by automatically providing every freemail account with a certificate (DV cert style, i.e., without a fullname) and adding it and a signature to every message, and an indicator on messages received. Automatic, no muss, no fuss. If they did that a goodly fraction of global email could be signed within a year. They could go further, collecting certificates and encrypting when writing to those contacts so that user-to-user encrypted email could become globally significant -- yes there are tedious details involved. Most likely Apple, Microsoft, and Yahoo could as well accelerating things further. Sadly I doubt any of them will, and for smaller operators it is too cost prohibitive to consider as yet.
Or for that matter Google might do similar with OpenPGP, as well or instead of S/MIME. Smaller providers could do this, but alas I doubt enough would.
Of course not everyone wants signed or encrypted email, so probably it would need to be opt-in. And many mailing lists would still have issues since they want to alter the message body.
/mark _______________________________________________ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
