Paul Hoffman / IMC wrote:
All too frequently a new user's first experience of S/MIME is
being flamed for wasting bandwidth by signing everything in a public
mailing list or newsgroup.
Well, people shouldn't sign something unless there is value in being able
to authenticate the sender.
Some would argue that authenticating the sender always adds some value:
but not when this has to be weighed against bandwidth considerations.
S/MIME signatures could be very small, indeed, if the CAs would pare down
what they toss into the signatures. So far, most of the flames have been
aimed at people with bloated VeriSign certs. I've seen much smaller certs
from other CAs.
Yes I would agree that Verisign exacerbates the problem. I'm waiting for
the first CA to offer free certificates paid for by embedded
advertising.
Nevertheless even a compact certificate or chain can at least double the
size of the signature.
I would support the specification stating that an S/MIME agent either
SHOULD (or even MUST) give the user the option to not include
certificates in signed messages.
We cannot specify how an MUA interacts with a human user; that's out of
scope for a spec like this. At most, we might put in a sentence saying "A
sending MUA may want to consider the size of certs being added to a message
when it decides (or lets the sender decide) whether or not to include a
cert in the message."
Well as long as it conveys the impression that it is desirable to
support the (automatic or manual) omisssion of (some or all)
certificates the wording isn't too important.
Steve.
--
Dr Stephen N. Henson.
UK based freelance Cryptographic Consultant.
Email: shenson(_at_)bigfoot(_dot_)com
PGP key: http://www.drh-consultancy.demon.co.uk/key.asc