Conclusions

We have seen from this little walk through the world of secured E-mail that:

Sending secure E-mail is technically a solved problem. We're "just" arguing over the details.
Deciding who to trust is a complex problem. It is not solved, and will be a problem for years to come
Attacks on secure E-mail are likely to be through paths not involving the message transfer itself.

I believe that secured E-mail is an idea whose time has come, and that within a few years, one will expect to see signatures used on most "serious" E-mail sent across the Internet; before the turn of the century, one can expect that "serious people" will install filters that simply won't make any unsigned piece of mail visible to them.

If the politics involved, which are much harder to foretell than the technology, allow it, one may also expect to see routine encryption of messages. Since the management involved in handing around encrypted messages is somewhat more complex than the management in handing around signed messages (everyone has to be authorized to see it by having a copy of a relevant private key), I think this will be less popular, and mostly used for one-on-one communication.

Conclusion: Secured mail is part of your future.
We just have to settle the details first.

Harald.T.Alvestrand@uninett.no

Last modified: Fri Nov 10 10:10:53 1995