W3C home > Mailing lists > Public > ietf-discuss@w3.org > July 1999

RE: IAB draft on security

From: Geoff <geoffm@redconnect.net>
Date: Mon, 26 Jul 1999 09:24:02 -0400
Message-ID: <01BED748.A3901AE0@cdm-10.sub8.nyc.redconnect.net>
To: "'Jacob Palme'" <jpalme@dsv.su.se>
Cc: "'smb@research.att.com'" <smb@research.att.com>, "'discuss@apps.ietf.org'" <discuss@apps.ietf.org>
Hello Jacob and Steve,

Jacob wrote

The document, like many other security documents, tells too much 
about what will not work, too little on what will work. It seems as 
if security experts are better at telling you that something is 
dangerous or might not be secure, than telling you how to get 
security. I would prefer to get more practical advice with
recommendations on how to get the security you want.

This may be a reason why security techniques have so much trouble 
getting accepted and used.

IMHO there are 4 reasons why security techniques are not widely used.
More or less in order of importance
1) Mostly much too complicated and time consuming for the average user to set up and use.
2) Confusion caused by competing standards S/MIME vs PGP.
3) Confusion caused by US gov interference.
4) Confusion caused by licencing and patent issues.

Not much can be done about about 2 & 3 but maybe some comments on 1  and  information (patented/not patented) on 4 could be usefully included in the document ??

Geoff Marshall
Received on Monday, 26 July 1999 09:23:24 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 17:08:06 UTC