
RE: Signed Receipts and Mail Lists

2003-06-27 12:38:13

Sean,

I have had many discussions with people on this issue.  It is very
likely that an MLA would return a receipt to the originator of the
message either on initial receipt (I got it and distributed it) or after
a specific percentage of people on the list have returned receipts.
This is the only way to handle receipts in the case of a mailing list
whose membership is hidden from senders.

This being said, the problem here is that you are using a single
certificate for two distinct individuals (i.e. the two different mailing
lists) and asking somebody (the sender of the message) to try and guess
which individual was being referred to.  In this case each MLA should have
its own certificate (and hopefully different key pairs) in order to
allow for distinctness of identity to be known.

Graeme,

If we adopted the solution you gave, what limits me from making
arbitrary statements about who I am in this field that then need to be
independently verified by the receipt processing code?  (I.e. what if I
put the fact that I am turners(_at_)ieca(_dot_)com in this field and sign
with my jimsch(_at_)exmsft(_dot_)com certificate).

jim

-----Original Message-----
From: owner-ietf-smime(_at_)mail(_dot_)imc(_dot_)org
[mailto:owner-ietf-smime(_at_)mail(_dot_)imc(_dot_)org] On Behalf Of Graeme Lunt
Sent: Wednesday, June 25, 2003 12:40 AM
To: 'Sean P. Turner'
Cc: 'ietf-smime'
Subject: RE: Signed Receipts and Mail Lists



Sean,
 
I'm not sure that the MLA returns a receipt on behalf of the ML members.

OK - if an MLA should not return signed receipts then there 
is not a problem with my scenario. 

I looked through ESS again and I couldn't find anything that said if a
message enters an MLA with a signed receipt request that it shouldn't
or should return a receipt.

Is an MLA considered a "receiving agent"/"receiving 
software"/"processing software" in section 2.3 of ESS? I had 
assumed that it was but agree it is unclear.

Typically (I think), originators want to know that the final recipient
got the message not whether the MLA got it.

I think there are arguments for both. If an originator sends a message
to:

complaints(_at_)bigbank(_dot_)co(_dot_)uk

the originator probably only wants to know that it got to the 
complaints department at bigbank. The originator doesn't want 
to know (and bigbank doesn't want to let the originator know) 
which individuals within bigbank read the message.

Then again maybe I didn't understand your scenario.

I don't think the originator needs to understand if the 
addresses they are requesting signed receipts from are 
address lists or not. If an originator sends a message to two 
recipients - one a mail list, one an individual - and 
requests first tier signed receipts, they will never receive 
a signed receipt from the mail list recipient. The user may 
find this unexpected. Correlation software *may* be able to 
detect a mail list recipient and handle it appropriately.


Graeme



