OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

pki-tc message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: RE: [pki-tc] Candidates for OASIS PKI TC Chair

I would question statement like "That secure e-mail currently is being
redesigned from the ground and up (DKIM)". The goal of DKIM is to
identify who sends email mainly from smtp gateway point of view (for
supressing spamming). It does have the advantage of ease of key
distribution using dns for key lookup and retrieval, but it is only for
message origin verification, not for message content security (encrypted
like SMIME). It does not have a legal binding at this point. Secondly,
depending on how we use PKI, if we mainly use PKI without legal binding
as DKIM, PKI will be more popular than it is now. I still think PKI at
this point is still the most effective solution in certain industry or
region for its original goal(authentication, integrity, non-repudiation

-----Original Message-----
From: Anders Rundgren [mailto:anders.rundgren@telia.com] 
Sent: Thursday, April 13, 2006 8:37 AM
To: PKI TC; Arshad Noor
Subject: Re: [pki-tc] Candidates for OASIS PKI TC Chair

>Businesses continue to search for the elusive silver bullet to
>solve their security problems - but it is my belief that until
>they start using PKI in many different aspects of their IT infra-
>structure (along with appropriate changes to applications,
>business processes and employee training), that silver bullet
>will continue to elude their grasp.

I think businesses should be cautious embracing a technology
that not even the people who claim to know PKI, know how to
apply to everyday business processes such a e-purchasing.
Until such knowledge becomes common, agreed upon, and
published[*], businesses betting on PKI are at risk being stuck
in pretty "consultant-intensive" activities.

That "secure e-mail" currently is being redesigned from the ground
and up (DKIM), is another indication that the previous generation
of PKI "theologists" did not actually foresee the Internet revolution.
The problem is that S/MIME effectively delegates security policy
enforcement down to the [nowadays often rather novice] users.
The following is how secure e-mail should have been:

    "If I send a mail via my company, it is my company that secures it"

If any of the TC chair candidates have the guts to address any of
these issues, he or she has my full support.

Anders Rundgren

Go to NIST's PKI pages.  Nothing
Go to PKI-TC AGSC pages.  Nothing
Go to PKI-*.  Nothing

To unsubscribe from this mail list, you must leave the OASIS TC that
generates this mail.  You may a link to this group and all your TCs in

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]