ietf-smime

Re: Comparing email header fields with certificate contents...?

1997-07-07 11:11:51
From: John Gardiner Myers <jgmyers(_at_)netscape(_dot_)com>

(If email address is the most stable thing in your life,
more stable than your employer, your residence address, or your ISP,
then you as an individual could choose to make it your Certified
primary identity for personal communications.

Historically my published email address has been more stable than any of
my employer, residence address, or ISP.

Huh?  For how long have you been jgmyers(_at_)netscape(_dot_)com?  As of Dec '96
(sasl draft -07) you were jgm+(_at_)cmu(_dot_)edu(_dot_)  And if you still get mail sent
to the old address, is it based on the kindness of cmu maintaining an
account for you with a .forward file, or on a commercial email
forwarding service?  How, except for intuition, am I expected to know
that the person with a Netscape address is the same person that wrote
SASL?  Even if you had certificates for both the old and new email
addresses, how would they be linked together for identity purposes?

John didn't say that his address hadn't changed recently, only that
historically his email address has been more stable than any other detail. I
find much the same thing to be true in my life as well, BTW -- in the past 8
years or so my physical address information has changed seven times and phone
information has changed three times, whereas my email address has only changed
once.

As a matter of fact in practice I sometimes find that email addresses are _too_
stable for assigning some sorts of identity and associated credentials. For
example, my job in a company can change, necessitating a change of credentials,
without my email address changing. (I have seen this lead to unnecessary email
address changes in practice.) Or consider the case of role-based mailbox names
like postmaster. Or take John's case -- it is far from obvious that an S/MIME
certificate assigned by CMU should transfer to John in his new job at Netscape.

Another thing nobody has bothered to point out is that the multiplicity of
email addresses many people have is frequently a non-issue insofar as identity
is concerned. Many if not most large companies implement some form of canonical
email addressing, where all of a given user's addresses are collapsed
automatically into some canonical form, and mail sent to the canonical address
is routed automatically to the user's preferred mailbox.

The bottom line is that the mapping of identity to and from email addresses is
something that has to be possible for implementations to do. However, it is
also something you cannot possibly standardize the specifics of to a large
degree without making things unusable. The most you can do is require that
email-address-based identity be an available option and leave out most of the
specifics of how this form of identity has to be set up.

This is far from a new discussion, BTW. The IETF has been grappling with the
question of identity for well over a decade now. And the one thing I've learned
from all this is that the details simply cannot be nailed down without effectively making
the protocol unusable for many potential users. Walking the line between
enough specifics to make things implementable and interoperable while not
having so many as to make things unusable is a very, very difficult job.

                                Ned