ietf-smime
[Top] [All Lists]

Re: S/MIME 3 Clients - Are there such?

2001-09-11 05:26:41

Michael,
It is possible that all this will be redudant as e-mail for business messages
(my line of work) is a declining activity.  The encryption scheme in e-mail is a
killer (in the negative aspect) compared to https (SSL/TLS).

I did try to force my Outlook to accept an "e-mail-less" cert but
I did not succeed.  Anyone who knows the trick?

Anders

----- Original Message -----
From: "Michael Ströder" <michael(_at_)stroeder(_dot_)com>
To: "Anders Rundgren" <anders(_dot_)rundgren(_at_)telia(_dot_)com>
Cc: <ietf-smime(_at_)imc(_dot_)org>
Sent: Monday, September 10, 2001 21:04
Subject: Re: S/MIME 3 Clients - Are there such?


Anders Rundgren wrote:

I guess this option was introduced to be able to use your "electronic ED-Card"
from anywhere and make the mail-system to be regarded as "transport"
in the same way as SSL.

Note that you have to put the server's name into the CN attribute of
the SSL server's certificate subject DN. Maybe it's different in
current IETF-TLS profile draft. I did not follow that closely.

The same could be valid for mobile-phones and PKI as well.
I.e. the phone-number is just an identified but anyway "bearer".

Or for e-business where the org-cert contains a DUNS-number which
is more important than mail-address.  Lets say a portal with buyers
using the same domain.

I already know all these arguments. But Joe Average user will be
unable to verify that this specific DUNS number can be assigned to a
certain e-mail address. Normal users *might* be able to perform a
complete string equality match. But not much more. People do not
understand name spaces. Period. I did enough 1st level support
especially with S/MIMEv2...

I hope that not many CAs are going to issue e-mail certificates
without e-mail address. In this particular case I regard it as an
advantage that most CAs will decide to be backwards-compatible to
S/MIMEv2.

But it does get a little bit weird.

Snip the word "little" and you're getting closer to it...

Ciao, Michael.


<Prev in Thread] Current Thread [Next in Thread>