From mboxrd@z Thu Jan 1 00:00:00 1970 From: Lucio De Re To: 9fans@cse.psu.edu Subject: Re: [9fans] re: spam filtering fs Message-ID: <20030908072110.A2507@cackle.proxima.alt.za> References: <200309071905.h87J5Nj17542@augusta.math.psu.edu> <97f6c2ef4d9e16dfbaf7e985261fee63@collyer.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii In-Reply-To: <97f6c2ef4d9e16dfbaf7e985261fee63@collyer.net>; from Geoff Collyer on Sun, Sep 07, 2003 at 07:22:04PM -0700 Date: Mon, 8 Sep 2003 07:21:10 +0200 Topicbox-Message-UUID: 2eb69678-eacc-11e9-9e20-41e7f4b1d025 On Sun, Sep 07, 2003 at 07:22:04PM -0700, Geoff Collyer wrote: > > The only advantage of PGP is that it's what people use. Phil > Zimmermann spoke at Apple last year and said that at that time, if you > measured how people encrypted their mail on the wire (when they did, > which wasn't terribly often), it was virtually all using PGP's formats > (they could be using PGP or gpg or something else). Everything else > combined was epsilon (negligible) and PGP was the rest. His comment a > year ago was that ``PGP *is* encrypted mail''. If only we could get MUAs configured to handle encrypted mail by default, users would get used to it without even noticing. And only S/MIME (or PEM) would be feasible, as a self-generated certificate can then be included in the message. Not a lot of security, but we're dealing with lusers here. Once everyone has built up a collection of certificates for their correspondents, I believe that some peer pressure could trigger a quest for third-party certification. But the tools must be in place first. ++L