Log in

No account? Create an account
Gavin Greig [userpic]

Thawte Web of Trust

May 4th, 2004 (10:41 pm)

A couple of months after applying, I have joined tobyaw as the second Thawte Web of Trust notary in the St. Andrews area. If you acquire enough Trust Points from Web of Trust notaries (by meeting them in person and looking like your national photo ID), you can add your name to a free personal e-mail certificate, which you can use to sign or encrypt your e-mail. If you don't bother, you appear as "Thawte Freemail Member".

I'm not sure what future signed or encrypted e-mail has, to be honest. I'm inclined to think that it will always be something that's only of interest to geeks or a few serious businesses. It's not that it's terribly hard to set up and use, but I think it's intimidating enough that it will remain just too scary for the average user unless something significant changes.

The process of signing up for a certificate and telling your e-mail package about it could both be made a bit more straightforward for anyone willing to accept the defaults, and hiding some of the ugly details like references to X.509 and Public Key Infrastructure would be a good idea. Sure, the information should be available for the people who care, but it shouldn't be strutting about in plain view for the people who don't.

The way that signed or encrypted mails are opened in my e-mail client is also less than handy. This may be necessary in part - perhaps it's not much good encrypting an e-mail if it's going to appear in someone's preview pane all the time! - but only in part. Why can't I have a button that decrypts it in the preview pane rather than having to open it in a separate window?

However, given the increase in both profile and need for decent security over the last few years it is quite possible that signing and encrypting mail will take off in popularity at some point for reasons I can't foresee, and since the facility for e-mail signing strikes me as a Good Thing even though I'm not overly interested in security issues, it seemed like it would also be a Good Thing if I did my bit locally to support the system.

Helping other people to add their names to their certificates may not be much (it isn't!), but there you go.