On 07/03/2017 08:56 AM, Russell wrote:
It took a lot of highway deaths before car manufacturers were compelled to make seatbelts a standard from the factory. It took another generation and a lot of physical hacks, ie. no start till buckled up, to get people to use them.
Its open to everyone to generate or use a keysigning authority.
Yep. I get mine from cacert.org. The problem is most people don't know about them or bother with getting them. In large organizations, directory servers can provide them. I worked at IBM Canada HQ, back in the late '90s. One of the first things I had to do, when I started, was get my email certificates. This was on Lotus Notes. Any LDAP server should be able to support X.509 certificates, which makes them easier to use. Otherwise, you have to manually exchange them, by sending signed email.
Perhaps that was the problem with Hillary Clintons use of a home network mailserver? That she signed her own keys privately but then did the governments work using them. This would clearly outside of government and even any reasonable business policy.
My understanding is that they were plain text email. If they had been encrypted, then this wouldn't have been such a problem. Also, it was the DNC's server, along with another Democrat one that was hacked, not Hilary's. Regardless, she shouldn't have been using a personal server for government business. But that pales in comparison with Trump's use of Twitter.