On 3/21/19 11:28 PM, Viktor Dukhovni wrote:
... if security is going to be any use to people it has to be easy enough that a 60+ year old grandmother who left school before the Internet arrived can use it because she is the US Secretary of State.
This is one of the reasons that I'm quite happy with the state of S/MIME as I and some friends experience it.
After an initial speed bump to set things up (and certificate renewal), the day-to-day use is largely painless if not actually transparent.
We have tried the maximalist approach to security for 30 years and it has been a complete failure. We have one widely deployed Internet security protocol and it is limited to the transport layer.
I think the fact that techies that enjoy this stuff actually don't use as much as they can on their personal systems is a tell tale sign that things are too complex to readily adopt and use.
It is with this in mind, that we can understand how some pragmatic security concessions can ultimately gain more security for more users than they appear to forgo at first glance.
I don't like it. But I agree. -- Grant. . . . unix || die
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ Uta mailing list Uta@ietf.org https://www.ietf.org/mailman/listinfo/uta
