
On 22/09/17 02:40 PM, James Knott via talk wrote:
I wonder if they'll provide X.509 certificates for individuals. While many people use them (and some use PGP/GPG) the big issue for so many is convenience. In companies that use a directory server, it's a simple matter to get the certificates for anyone else in the company, making it real easy to send encrypted email. Otherwise, you have to arrange for certs on your own and then send a signed message, so that the other person can send you an encrypted email. Of course, many people haven't even heard of email encryption. A few years ago, CIBC was offering X.509 certificates for customers, but I believe they could only be used for banking business, such as applying for loans etc. I don't know if they're still doing it. I would rather have a separate certificate for each supplier: One might be (dave & bank X), another (joyce and dave & bank x) and a third be (dave & credit-card-company Z).
Having a single proof of identity poses a problem when you have to revoke it because you used it for (dave & scammer W) --dave -- David Collier-Brown, | Always do right. This will gratify System Programmer and Author | some people and astonish the rest davecb@spamcop.net | -- Mark Twain