[liberationtech] Why ~not~ S/MIME?

Ralph Holz holz at net.in.tum.de
Tue Jul 30 01:20:23 PDT 2013


Hi,

All the advantages of S/MIME may be true, but:

> The two big objections to S/MIME I see more frequently are downloading
> your certificate from a third party and the cost to get a certificate. Both
> problems I think can be more easily solved than the adoption problems
> (on a wider basis) with PGP. Security and OPSEC failures can be
> posited between the two solutions at all levels - *shrug* ..

I am not sure I agree with the OPSEC issue. There are a bunch of
synchronised SKS key servers. As for people's capability to judge
others' accuracy in determining identity, well... is that so much worse
than a CA system, where a CA does only an e-mail check, but no EV?

Furthermore:
* With the current weakness of the CA system (all CAs are equal), I
trust PGP a whole lot more

* I often wonder - how are 100+ CAs supposed to certify hundreds of
millions of users? The claim of scalability gets really shaky when
considering revocation, too.

> So - broadly - why not work on the gaps in getting S/MIME more widely
> deployed? Why is it so often entirely disregarded? -Ali

I prefer PGP because:

* In the best case, I get to sign the other person's key myself - not
some CA

* In the not-so-optimal case, someone I know and trust has signed the
other person's key - still better than a CA

* This can be reinforced by the fact that others I know have signed
that same key, too

* Within a limited range of contacts, PGP actually scales fairly well.
We computed such stuff once for a paper:

http://www.net.in.tum.de/fileadmin/bibtex/publications/papers/Investigating_the_OpenPGP_Web_of_Trust_Ulrich_Holz_ESORICS_2011.pdf

What makes PGP more attractive to me is the higher degree of control I
can exercise.

Ralph

-- 
Ralph Holz
I8 - Network Architectures and Services
Technische Universität München
http://www.net.in.tum.de/de/mitarbeiter/holz/
Phone +49.89.289.18043
PGP: A805 D19C E23E 6BBB E0C4  86DC 520E 0C83 69B0 03EF


