True, X.509 does provide a form of identity, if specified correctly. However, you point out yourself that the problem is trust.

Simply pointing to a protocol or standard and saying 'here, we have all these solutions' isn't enough if the infrastructure that supports them doesn't work or can't be trusted. Of course some new e-mail replacement or fix will be some new standard or use of an existing set of standards but the infrastructure must support them correctly.

The problem is ease of use. To make certificates of any form trustworthy, one must issue them securely. This would probably mean I'd have to turn up, in person, at a suitable issuer's office with suitable referring documents. Even then there would be issues with fake IDs and so on. No one commericial or free-spirited organisation can hope to process enough people to achieve this. Even governments have trouble (witness the projected difficulties with issuing ID cards in the UK regarding sheer manpower required).

As for users failing to check identities, this is an education and software design failure. Why not require e-mail software to prompt you each time you open an unsecure untrusted e-mail? This forces the user to think about 'who do I trust?'.

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/columns/404/33690#33690