The issue with end user keys is not the publication mechanism; it is the
deployment of the keys in the first place and the management of the key
lifecycle that have presented an intractable problem on an extended scale to
date.

The most sensible approach in my view is to begin by deploying an
infrastructure we are 100% certain is feasible, a solution that is primarily
an edge server solution with domain wide keying.

We should at the same time consider a comprehensive transition strategy that
provides for the extension of the mechanism to provide end user keying in
addition.

We may never go that far, but we should make sure that we do not allow that
option to be precluded because it was not given sufficient consideration or
someone decided to botch the spec to prevent such a transition.
-----Original Message-----
From: Douglas Otis [mailto:dotis(_at_)mail-abuse(_dot_)org]
Sent: Friday, February 25, 2005 9:46 PM
To: Hallam-Baker, Phillip
Cc: MASS WG
Subject: RE: In response to Housley-mass-sec-review
On Fri, 2005-02-25 at 17:45 -0800, Hallam-Baker, Phillip wrote:

> I still fail to see how you are improving on the paper written by Russ
> Housley, who I think knows rather more about this area than you have
> demonstrated so far.
The excellent review by Russell Housley raised concerns. The
draft I provided offers modest and practical solutions for
these concerns, while considering their impact and rationale.

When done on a per-user per-email-message basis at the MTA,
requirements for certificates and revocation information
appear problematic in terms of both storage and traffic
burden. While OCSP does not appear well suited for this
purpose, rather than discussing merits of a particular
polling scheme, I was attempting to consider just those
immutable elements.

If you wish to assemble cost/overhead estimates for scaling
an implementation of certificates to the email user level,
I will be happy to include those calculations. I am sure
there will be many wanting to review this alternative.
-Doug