Conclusions
We have seen from this little walk through the world of secured E-mail
that:
- Sending secure E-mail is technically a solved problem. We're
"just" arguing over the details.
- Deciding who to trust is a complex problem. It is not solved,
and will be a problem for years to come
- Attacks on secure E-mail are likely to be through paths not
involving the message transfer itself.
I believe that secured E-mail is an idea whose time has come, and that
within a few years, one will expect to see signatures used on most
"serious" E-mail sent across the Internet; before the turn of the
century, one can expect that "serious people" will install filters
that simply won't make any unsigned piece of mail visible to them.
If
the politics involved, which are much harder to
foretell than the technology, allow it, one may also expect to see
routine encryption of messages. Since the management involved in
handing around encrypted messages is somewhat more complex than the
management in handing around signed messages (everyone has to be
authorized to see it by having a copy of a relevant private key), I
think this will be less popular, and mostly used for one-on-one
communication.
Conclusion: Secured mail is part of your future.
We just have to settle the details first.
Harald.T.Alvestrand@uninett.no
Last modified: Fri Nov 10 10:10:53 1995