I have not been watching this exchange closely, and so excuse me if
this comment is out of place.
There is an extension field in X.509 which is explicetly put there to
carry "alternative" name / address information such as Internet e-mail
address: subjectAltName with rfc822Name in GeneralName.
This can marked as non-critical so that only those that are interested
need take notice of the field. Also, as this is protected within the
certificate it can be "trusted".
Hope this helps.
Nick Pope
-------------------------------------
Security & Standards
Suite A
191 Moulsham St.
Chelmsford
Essex
CM2 0LG
U.K.
Tel: +44 1245 495018
Fax: +44 1245 494517