From: Bennett Todd (no email)
Date: Sat Jul 01 2000 - 14:50:52 EDT
2000-07-01-11:37:00 Roeland M.J. Meyer:
> PEM is being used on every ecommerce site site now, to implement
> SSL.
Huh? X.509 certs and SSL are used, but certainly not PEM or S/MIME.
I've never, as far as I know of, seen a working PEM implementation,
or piece of PEM traffic. It's so lost in the noise I really thought
it was completely dead until this thread popped up.
PGP is used all over the place.
TLS (nee SSL) has its uses, that's sure, and once the RSA patent
expires I expect to be using it a lot more, but TLS has nothing to
do with PEM, nothing even in common other than a cert format, and
reformatting certs is no biggie.
The real difference between the two is that S/MIME is based on the
model of creating and subsidizing an artificial monopoly for the
CAs, while PGP is not. Unless you're a CA, it's an easy choice:-).
-Bennett
|
|
|