Superconductor

I recently received an e-mail from Thawte that explained how they are going to discontinue their Thawte Personal E-Mail Certificates and Web of Trust. Here's how they explained this:

Over the past several years, security compliance requirements have become more restrictive, while the technology infrastructure necessary to meet these requirements has expanded greatly. Despite our strong desire to continue providing the Thawte Personal E-mail Certificate and Web of Trust services, the ever-expanding standards and technology requirements will outpace our ability to maintain these services at the high level of quality we require. As a result, Thawte Personal E-Mail Certificates and the Web of Trust will be discontinued on November 16, 2009 and will no longer be available after that date.

The Thawte Personal E-mail Certificates implemented an interesting idea. They assumed that all you can really verify with an e-mail exchange is an e-mail address, so that's all you could have for your identity until you had your identity verified face to face by one or more WOT notaries. Once enough of these notaries vouched for your name, that name could be included in the certificates that you got from Thawte. I was actually one of these notaries, which is why Thawte sent me this message.

The Thawte root CA certificates were in the commonly-used browsers, so this provided an easy way to get a useful, yet free, certificate, and Thawte Personal E-mail Certificates were one of the more common certifictates that you'd see used to sign and encrypt e-mail. It's a pity that we won't have them any more.

You'll still be able to buy certificates with your name and e-maill address in them, of course. Maybe that's really what this was all about.