pem-dev

DNS Keys (was A brief comparison of email encryption protocols)

1996-02-15 16:55:00
On Thu, 15 Feb 1996, Raph Levien wrote:
Date: Thu, 15 Feb 1996 11:21:06 -0800 (PST)
From: Raph Levien <raph(_at_)c2(_dot_)org>
Cc: resolving-security(_at_)imc(_dot_)org, pem-dev(_at_)neptune(_dot_)tis(_dot_)com
... 
On Thu, 15 Feb 1996, James M. Galvin wrote:
...
  Perhaps the biggest feature required in the mailer is integration
of key management and the "address book". If this feature is not
implemented in the mailer, then two address books are required - one
to select email addresses, and another to map email addresses to keys.
This approach is used by premail, and is the source of many usability
problems. It would be nice if a database existed which could map email
addresses to public keys without manual intervention, but none of the
proposals on the table are capable of it.

In point of fact, MOSS supports this feature.  The email address name form
was included precisely because we figured people would want to continue to
use names with which they were familiar.  Further, the email address could
be parsed and the DNS could be used to look up the public key.

   I chose my words poorly. What I meant to say is that none of the 
proposals can map an email address to a public key without the use of a 
manually maintained database.

   DNS? Are you suggesting that the public key be stored within the DNS 
database? The idea is nice, but DNS as deployed today is far too 
insecure (see the Wall Street Journal, 9 Feb 1996 for an example).

Please check out draft-ietf-dnssec-secext-09.txt in the IETF shadow
directories (such as ftp.isi.edu/internet-drafts).  It specifies a
standard for authenticating data retrieved from the DNS and using the
DNS for key distribution.

...

Raph

Donald
=====================================================================
Donald E. Eastlake 3rd     +1 508-287-4877(tel)     dee(_at_)cybercash(_dot_)com
   318 Acton Street        +1 508-371-7148(fax)     dee(_at_)world(_dot_)std(_dot_)com
Carlisle, MA 01741 USA     +1 703-620-4200(main office, Reston, VA)
http://www.cybercash.com           http://www.eff.org/blueribbon.html

