At 5:19 PM -0500 1/14/1997, Brian J. Murrell wrote:
>Writing programs to parse WWW output just to get a key is well... I wont get
>into that. Other protocols... How long have we had PGP now? Directory serv-
>ices. The great white hope. What a cinic I'm being today. I guess I'm just
>tired of PGP taking so long to be usable. S/MIME is going to stomp it at this
>rate. Which is not bad. I just want a standard WITH GOOD TOOLS. If S/MIME
>beats PGP, the so be it.
Well, directory services as a whole are the Achilles Heel of any
mail system. Find me a cc:Mail or MS-Mail system that can deal with
tens of millions of users. You won't -- they can't properly deal
with more than a few thousand users (and having administration
experience with both, even a few thousand is asking a hell of a lot
of these systems).
We're now trying to invent the directory services systems that
*can* deal with tens of millions of users, and people are finding it
a fairly hard job. No surprise there, it's going to take time to
discover and integrate the kinds of tools it takes to make this work.
Meanwhile, you and I just have to cope.
And no, S/MIME is not going to beat PGP, for three reasons:
1. PGP has too large an installed base. S/MIME simply
cannot go from zero to millions of users fast enough to overtake this
base before the PGP target moves again.
2. The folks at RSA Data Security are too interested in
keeping maximum compatibility with this installed base. By the time
S/MIME really takes off, there's a very real chance that S/MIME and
PGP-MIME will have converged into basically the same encryption
standard (or so I was lead to believe by the folks from RSA at the
IMC "Resolving Internet Mail Complexity" Workshop last year).
3. At AOL, we're pretty sensitive to the installed base
issue, too. If/when we do anything, it'll almost certainly be PGP
first, and if there remains any compelling business case to do any
other form of encryption technology, we'll address that at the time.
Brad Knowles, MIME/PGP: firstname.lastname@example.org
comp.mail.sendmail FAQ Maintainer <http://www.his.com/~brad/>
finger email@example.com for my PGP Public Keys and Geek Code
The comp.mail.sendmail FAQ is at <http://www.his.com/~brad/sendmail/>