ietf-openpgp

Re: Principles and Principals

1997-09-23 23:01:20
-----BEGIN PGP SIGNED MESSAGE-----

Ian,

To take your points out of order:

> With this approach, the distributed keyserver problem becomes
> simpler. E-mail messages in RFC822 format should contain a
> From: field; users should simply ensure that the address in
> this field is included as a 'tag' on their public key. Or you
> could use a solution like PGP5 and include an X header that
> specifies exactly how the key can be looked up.
>
> Other protocols/message exchange systems can be considered
> separately.

This is a good approach, although by itself it does not address
the totality of the e-mail requirement.  You still need some way
to bind the e-mail address to the key.  Whatever the principal
is, this is a function that's got no better place to roost than
the public key infrastructure.

> I think this is a great way to look at it. Using the public
> key, its hash or fingerprint as *the* DN allows all sorts of
> important functionality like authorisations. E-mail is probably
> the most widespread use of PGP at the moment, but can be
> considered separately. E-mail users in effect can state to the
> world (via keyservers) that their public key 'speaks' for a
> certain address (to use SPKI lingo). So, if a key is to be used
> for e-mail, it must contain such a 'tag' with an e-mail
> address. If not, no problem.

Unless I misunderstand you, the e-mail address is not then bound
into the certificate structure.  I'm reading from your last
couple of messages that we would submit the e-mail address as a
submission argument to the keyserver, but that this would be
absent from the certificate.  This is pretty weak in the sense
that it is dirt simple for a black-hat to assert a bogus e-mail
address (or worse usurp a real one) and provide his own
black-hat key ID.  This leaves open a lot of possibilities for
misuse.

I should think that we at least have to have the ability for
3rd party certifications of the public key to bind over the key
ID and e-mail address (or other string).  This would in effect
be an authorization to use that e-mail address, not a principal.

This seems to me a basic characteristic of any public key
infrastructure to associate the key with what the key is allowed
to do.

If I am misrepresenting what you propose, please set me
straight.

Chris



 ---------------------------------------------------------------
 |  International Electronic Communication Analysts, Inc.      |
 |  Christopher D. Bonatti                 9010 Edgepark Road  |
 |  Vice-president                     Vienna, Virginia 22182  |
 |  bonattic@ieca.com   Tel: 301-212-9428   Fax: 703-506-8377  |
 |  PGP public key available from "http://www.ieca.com/"       |
 ---------------------------------------------------------------

-----BEGIN PGP SIGNATURE-----
Version: 2.6.3
Charset: noconv

iQCVAgUBNCg5368wqXqPmmVZAQHpxgQAymRB1d6/o6u8F/c4Pe7QisapaPPx7UGO
1Z61k872Iab75yA8lJ0NKtMhE13oxEMzar+tIf6kwjJ6Q/4GTtsk3OnLwzC0rsUZ
qtmP21r3wuUC7vBtwGa5BD+uGtm2s7R9fwuENlquVoKhLhGylRzGoqZZ9a4XtKnh
pBVHjUO58eE=
=LJG4
-----END PGP SIGNATURE-----
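The structure argued for in the message above, as an added example that is not code from the ietf-openpgp list or from any PGP implementation: a toy certificate in Python in which an e-mail 'tag' is bound by a self-signature, a third-party certification binds key ID plus address, and a keyserver that merely indexes keys by a submission argument is shown to decide nothing on its own. Textbook RSA over small generated primes stands in for real PGP signatures (readable and reproducible, not secure); the address `alice@example.com`, the classes `Key` and `Keyserver`, and the checks `self_bound` and `authorized` are all constructed for this example.

```python
"""Toy model of binding an e-mail tag into a PGP-style certificate.
Added example; textbook RSA with a fixed RNG seed, NOT for real use."""
import hashlib
import random

RNG = random.Random(1997)  # fixed seed so the example is reproducible


def is_probable_prime(n, rounds=16):
    """Miller-Rabin, adequate for a demo only."""
    if n < 4:
        return n in (2, 3)
    if n % 2 == 0:
        return False
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for _ in range(rounds):
        x = pow(RNG.randrange(2, n - 1), d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def random_prime(bits):
    while True:
        cand = RNG.getrandbits(bits) | (1 << (bits - 1)) | 1
        if is_probable_prime(cand):
            return cand


def keygen(bits=160):
    """(public, private); ~320-bit modulus so a SHA-256 digest fits below n."""
    e = 65537
    while True:
        p, q = random_prime(bits), random_prime(bits)
        phi = (p - 1) * (q - 1)
        if p != q and phi % e:  # e is prime, so this means gcd(e, phi) == 1
            return (p * q, e), (p * q, pow(e, -1, phi))


def digest_int(data):
    return int.from_bytes(hashlib.sha256(data).digest(), "big")


def sign(priv, data):
    n, d = priv
    return pow(digest_int(data), d, n)


def verify(pub, data, sig):
    n, e = pub
    return pow(sig, e, n) == digest_int(data)


def binding(key_id, email):
    """The statement a signature covers: this key 'speaks for' this address."""
    return f"{key_id} speaks-for {email}".encode()


class Key:
    """A key plus the e-mail tags and the signatures carried inside the certificate."""

    def __init__(self):
        self.pub, self.priv = keygen()
        self.key_id = hashlib.sha256(repr(self.pub).encode()).hexdigest()[:16]
        self.tags = {}  # email -> {"self": self-signature, "certs": {label: sig}}

    def add_tag(self, email):
        """Self-signature: the address is bound into the certificate structure."""
        self.tags[email] = {"self": sign(self.priv, binding(self.key_id, email)),
                            "certs": {}}

    def certify(self, other, email, as_key_id=None):
        """Third-party certification over (key ID, address). The label is
        whatever the signer writes; a forger may write someone else's key ID."""
        sig = sign(self.priv, binding(other.key_id, email))
        other.tags[email]["certs"][as_key_id or self.key_id] = sig


def self_bound(key, email):
    """Fails for an address that was only a submission argument to the keyserver."""
    tag = key.tags.get(email)
    return bool(tag and tag["self"] is not None
                and verify(key.pub, binding(key.key_id, email), tag["self"]))


def authorized(key, email, introducers):
    """Needs a certification that verifies under a trusted introducer's own
    public key; the label on the certification is not trusted by itself."""
    if not self_bound(key, email):
        return False
    certs = key.tags[email]["certs"]
    return any(kid in certs and verify(intro.pub, binding(key.key_id, email), certs[kid])
               for kid, intro in introducers.items())


class Keyserver:
    """Indexes keys by the address given at submission; it verifies nothing."""

    def __init__(self):
        self.index = {}

    def submit(self, key, email):
        self.index.setdefault(email, []).append(key)

    def lookup(self, email):
        return list(self.index.get(email, []))


def run_scenario():
    target = "alice@example.com"  # constructed sample address
    introducer = Key()
    trusted = {introducer.key_id: introducer}
    alice = Key()
    alice.add_tag(target)
    introducer.certify(alice, target)
    mallory1 = Key()  # black-hat 1: address given as a submission argument only
    mallory2 = Key()  # black-hat 2: self-signs Alice's address onto his own key
    mallory2.add_tag(target)
    mallory2.certify(mallory2, target, as_key_id=introducer.key_id)  # forged label
    server = Keyserver()
    for k in (alice, mallory1, mallory2):
        server.submit(k, target)
    found = server.lookup(target)
    return {
        "keyserver_hits": len(found),
        "alice_self_bound": self_bound(alice, target),
        "alice_authorized": authorized(alice, target, trusted),
        "argument_only_self_bound": self_bound(mallory1, target),
        "self_tag_self_bound": self_bound(mallory2, target),
        "forged_cert_authorized": authorized(mallory2, target, trusted),
        "authorized_keys": [k.key_id for k in found if authorized(k, target, trusted)],
    }


if __name__ == "__main__":
    for name, value in run_scenario().items():
        print(f"{name}: {value}")
```

The keyserver returns three hits for the address and is no help in telling them apart. A tag that exists only as a submission argument fails the self-signature check; a self-signed tag on the black-hat's own key passes it, which is exactly why a self-signature alone is the "dirt simple" assertion the message warns about. Only the key whose tag also carries a certification that verifies under the trusted introducer's own public key is accepted, which is the "authorization to use that e-mail address" the message asks for; labelling a forged certification with the introducer's key ID gains nothing when the relying party verifies under the introducer's key rather than trusting the label.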
