[messaging] [FORGED] Re: On Signed-Only Mails

Phillip Hallam-Baker phill at hallambaker.com
Mon Dec 5 05:05:07 PST 2016


On Sun, Dec 4, 2016 at 9:27 PM, Peter Gutmann <pgut001 at cs.auckland.ac.nz>
wrote:

> Phillip Hallam-Baker <phill at hallambaker.com> writes:
>
> >In fact there is much more use of S/MIME for authentication than for
> >confidentiality.
>
> And there is much more use of hovercraft than monorails.
>
> Given that the use of S/MIME is essentially nonexistent outside of a few
> government and large corporate orgs where people can be ordered to use it
> or
> face disciplinary action (and where the mgt. realises that actually
> enforcing
> this would result in either no workforce left or a complete shutdown of
> email,
> they fix it by reinventing store-and-forward STARTTLS using S/MIME
> gateways),
> where does the data to support this come from?  Just wondering... is there
> really significant use of S/MIME (meaning signed email, not CMS for EDI or
> something similar) signed messages, outside of the STARTTLS-equivalent?
> Where?  By whom?
>

​The number of S/MIME certs enrolled is roughly two million ​which is
roughly the same as the number of keys enrolled in key servers.

Neither application has been impressive in terms of deployment.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://moderncrypto.org/mail-archive/messaging/attachments/20161205/fc75df99/attachment.html>


More information about the Messaging mailing list