Steve,
I would not agree to this proposal unless the following wording
was added: "The sending user MUST have the
option to be notified when an encrypted message is also being
sent to a 'corporate key' prior to the sending of the message."
There are other ways that entities that require this feature (such
as brokerage firms). One method is that they only publish certificates
for encryption that contain the "corporate key". Then they use
their mail gateway to explode to a users certificate (behind their
firewall) that contains the real users public key. This is a "natural"
feature for an email gateway company to develop and offer :-).
Larry
----------
From: John Pawling[SMTP:jsp(_at_)jgvandyke(_dot_)com]
Sent: Friday, January 23, 1998 4:04 PM
To: Steve Russell; phil; SMIME -IETF
Subject: RE: Corporate Key mechanism
Steve,
OK, I see your point. If the S/MIME WG agree that this is a valid
requirement, then I recommend that the S/MIME v3 Certificate Handling spec
could be changed so that it includes a section defining a certificate
extension that identifies the "corporate key" cert. The ASN.1 syntax could
... [snip]