ietf-smime

Re: Signed Receipts

1998-12-21 14:54:40
Darren:

The recipient of a receipt must be the originator or a recipient of the
original message.  I think we should add this guidance to the document.

Russ


At 01:36 PM 12/18/98 +0000, Darren Harter wrote:
Paul/Russ,

I've been looking through the Signed Receipts section of ESS again, and I 
believe I may have found an omission.

Let me set the scene...

In order to validate a receipt, you need to have the original message (or at 
least a digest of it).  Clearly if you are the "Sender" you would have this.

The receipt request structure contains a ReceiptsTo element, where the 
originator must specify their own address if they wish to receive the 
receipt messages.

What if you're not the originator but are named on the ReceiptsTo list?  How 
do you validate the receipt message without having access to the original 
message (or digest of it)?  Clearly you can't.

If the original message is copied to the entities on the ReceiptsTo list 
this would be avoided.  There is the potential problem of a receipt message 
being received before the message that it corresponds to but this can be 
dealt with quite easily.

I suggest that we add new paragraphs somewhere to ESS along the following 
lines:

"In order to allow the returned receipt message to be validated by all 
entities named in the receiptsTo field of the receipt request attribute, the 
Sender SHOULD ensure that the original message is copied to all such entities.

It is possible that a receipt message may be received before the original 
message that it corresponds to.  When such a receipt message is received, 
the recipient SHOULD store the receipt message for later validation.

When a recipient of a message is named on the ReceiptsTo list in a 
receiptRequest attribute, they SHOULD ensure that sufficient information is 
retained from the message to allow validation of any associated receipt 
messages that are subsequently received.  The recipient SHOULD immediately 
validate any receipt messages that were received prior to message reception."

I've used SHOULDs here to allow for the situation where an entity on the 
ReceiptsTo list is being used as a non-validating receipt sink.

Darren

-------------------------------------------------------------
Darren Harter BSc Hons MBCS CEng
CASM Technical Architect
CASM Programme Office
CESG
Work: dharter(_at_)cesg(_dot_)gov(_dot_)uk
Home: Darren(_dot_)Harter(_at_)bcs(_dot_)org(_dot_)uk
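
The store-then-validate behaviour proposed in the quoted message, sketched as an added example that is not part of either message or of ESS. The Receipt fields, the ReceiptTracker class and the use of SHA-256 are assumptions made for illustration; the digest comparison stands in for full receipt validation, which would also verify the receipt's signature.

```python
import hashlib
import hmac
from dataclasses import dataclass, field

@dataclass(frozen=True)
class Receipt:
    content_id: bytes   # hypothetical identifier tying the receipt to a message
    msg_digest: bytes   # digest of the original message the receipt claims to cover
    signer: str

@dataclass
class ReceiptTracker:
    """State kept by an entity named on the ReceiptsTo list (hypothetical)."""
    known: dict = field(default_factory=dict)    # content_id -> digest of original
    pending: dict = field(default_factory=dict)  # content_id -> early receipts
    max_pending: int = 100                       # bound on unvalidated storage

    def _check(self, receipt, digest):
        # Constant-time comparison of the claimed digest with the retained one.
        return hmac.compare_digest(receipt.msg_digest, digest)

    def on_original(self, content_id, message):
        """Retain enough of the message to validate receipts, then drain the queue."""
        digest = hashlib.sha256(message).digest()
        self.known[content_id] = digest
        early = self.pending.pop(content_id, [])
        # Validate receipts that were received prior to message reception.
        return [(r.signer, self._check(r, digest)) for r in early]

    def on_receipt(self, receipt):
        """Return True/False if the receipt can be validated now, None if stored."""
        digest = self.known.get(receipt.content_id)
        if digest is not None:
            return self._check(receipt, digest)
        queued = sum(len(v) for v in self.pending.values())
        if queued < self.max_pending:
            # Receipt arrived before its message: keep it for later validation.
            self.pending.setdefault(receipt.content_id, []).append(receipt)
        return None

def demo():
    msg = b"constructed original message"       # constructed sample input
    good = hashlib.sha256(msg).digest()
    tracker = ReceiptTracker()
    tracker.on_receipt(Receipt(b"id-1", good, "recipient-a"))        # early, matches
    tracker.on_receipt(Receipt(b"id-1", b"\x00" * 32, "recipient-b"))  # early, wrong digest
    drained = tracker.on_original(b"id-1", msg)
    late = tracker.on_receipt(Receipt(b"id-1", good, "recipient-c"))
    return drained, late

if __name__ == "__main__":
    print(demo())
```

The max_pending bound is there because receipts that cannot yet be validated are unauthenticated input, so the store that holds them should not grow without limit.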


