At the December working group meeting, this was expressed as a desire from
the S/MIME side of CMS. People working for groups like Amnesty
International wanted to be able to send anonymous mail which could not be
traced back to them without having decrypted the message.
Jim
-----Original Message-----
From: Dr Stephen Henson [mailto:shenson(_at_)bigfoot(_dot_)com]
Sent: Thursday, May 28, 1998 9:30 AM
To: ietf-smime(_at_)imc(_dot_)org
Subject: Re: I-D ACTION:draft-ietf-smime-cms-05.txt
Russ Housley wrote:
Steve:
I understand your point. Without a certified originator public key, the
recipient would not be able to determine the source of the message. This
is always true in the key transport case.
Do we want to permit this case? At this point, I see no reason to have
the
syntax preclude it, but I want to hear from other WG members.
Yes I do want to permit this case. I think forcing a "signature" on
every key agreement enveloped message would be undesirable.
It might discourage people from using key agreement and stick with key
transport (which as you say does not have this property).
There is also the practical issue of there being a mixture of RSA and DH
key carrying certificates. Someone with an RSA key carrying certificate
should not have to get a DH one (and possible CA expense) in order to
send enveloped data to a DH recipient.
Steve.
--
Dr Stephen N. Henson.
UK based freelance Cryptographic Consultant. For info see homepage.
Homepage: http://www.drh-consultancy.demon.co.uk/
Email: shenson(_at_)bigfoot(_dot_)com
PGP key: via homepage.