- From: Geoff <geoffm@redconnect.net>
- Date: Mon, 26 Jul 1999 09:24:02 -0400
- To: "'Jacob Palme'" <jpalme@dsv.su.se>
- Cc: "'smb@research.att.com'" <smb@research.att.com>, "'discuss@apps.ietf.org'" <discuss@apps.ietf.org>
Hello Jacob and Steve, Jacob wrote The document, like many other security documents, tells too much about what will not work, too little on what will work. It seems as if security experts are better at telling you that something is dangerous or might not be secure, than telling you how to get security. I would prefer to get more practical advice with recommendations on how to get the security you want. This may be a reason why security techniques have so much trouble getting accepted and used. IMHO there are 4 reasons why security techniques are not widely used. More or less in order of importance 1) Mostly much too complicated and time consuming for the average user to set up and use. 2) Confusion caused by competing standards S/MIME vs PGP. 3) Confusion caused by US gov interference. 4) Confusion caused by licencing and patent issues. Not much can be done about about 2 & 3 but maybe some comments on 1 and information (patented/not patented) on 4 could be usefully included in the document ?? Geoff Marshall
Received on Monday, 26 July 1999 09:23:24 UTC