First, I apologize for not being able to fully participate on the list for
last few days (esepcially as we're now discussing S/MIME based approaches
which is obviously of much interest to me), I still have much work to do
but will try to comment on some recent posts later tonight.
On Tue, 5 Oct 2004, Michael Thomas wrote:
I agree that conflation of auth and authz is an often mad mistake.
We (Jim and I) have been very clearlly distinguishing authentication
and authorization for our own part for a very long time. In words,
the three way handshake is:
1) Sign a piece of mail
2) Verify the mail given a public key (= authenticate)
3) Check back at the KRS to see if the key is authorized
to send for that domain
I very much agree with this approach. And that is basicly what I did when
extending S/MIME to be usable for MTA Signatures. If you note one of the main
parts of MTA Signatures is Certificate-Verification-Service which is universal
syntax of providing information on how signature can be verified (by looking
at DNS based on signature's signer domain or by double-checking root
certificate or by looking at PGP-like key server, etc). In next version of
proposal, I've moved this to become proper ASN.1 attribute of CMS signature
rather then MIME service header. This makes it possible for same attributes
to be used in regular S/MIME signatures as well.
I also note for that that are saying we don't have S/MIME based proposals
that it is not correct. In fact there are at least two proposals that are
based primarily on S/MIME that are input for MASS.
Now I'm not saying S/MIME can be used directly in the way its actively
used right now, but extending it for need of MASS is definetly possible
(in fact that is what MTA Signatures proposal is).
---
William Leibzon, Elan Networks:
mailto: william(_at_)elan(_dot_)net
Anti-Spam and Email Security Research Worksite:
http://www.elan.net/~william/emailsecurity/