I wouldn't say we do hardwiring; it's more like seeing a URL on TV and
typing it into a browser :-).  When users register for a DoD
certificate, they get an instruction sheet for adding the DoD root and
finding the directory.
Coordination from the DoD to other directories is not complete, but
people are working on it.
See http://www.fts.gsa.gov/html/fedware/Govt_OnlineDirectories.html.
Dave
From: "Frank O'Dwyer" <fod(_at_)brd(_dot_)ie>
Bob Jueneman wrote:
3.  The much more significant point, unless I've overlooked a
"directoryCapabilities" attribute in the S/MIME spec somewhere, is that
both the originating and receiving application are completely clueless
as to where to find either the directory itself, or the http provider.
I had been wondering how S/MIME addressed mapping of an email address to a
directory server address. From the sound of this thread, I guess it doesn't.
So how are people doing this in practice? Is everyone setting up an LDAP
directory, then ignoring it and exchanging certificates by email? Or just
hardwiring a few LDAP servers into client configs?
Cheers,
Frank O'Dwyer
fod(_at_)brd(_dot_)ie