From: Albert Levi: Thursday, June 29, 2000 7:35 PM
"Roeland M.J. Meyer" wrote:
Most modern mailers support X.509 certs for encryption. PGP is considerd, by many, to be the older technology. Building PKI around X.509 is much easier and meets actual existing standards.
Well, X.509 is as old as PGP (rf. PEM which was X.509 based). I agree that X.509 based PKIs are easier to built, but easiness does not mean usability. The trust structures embedded in X.509 certs are not acceptable for a large number of PGP users.
I think the large number of PGP users and the current grow rate determine whether it is old or not. Maybe it is not the "standard", but that many PGP users could not be wrong !
It is not an issue of right/wrong. Rather, it is an issue of what is most usable to the most people. SSL certs are certainly more usable to many. PGP works with ancient CLI mailers and older GUI mailers. All modern GUI mailers support X.509 keys for message encryption and even let you use the same cert for SSL protected POP3. PGP, OTOH, only encrypts the message body, this is why it's popularity is reducing. In addition, even you agree that an X.509 PKI is easier to build. Maybe because of the reasons I give here.