-----Original Message-----
From: owner-ietf-smime(_at_)mail(_dot_)imc(_dot_)org
[mailto:owner-ietf-smime(_at_)mail(_dot_)imc(_dot_)org] On Behalf Of
Hallam-Baker, Phillip
Sent: Thursday, August 14, 2003 11:17 AM
To: 'helm(_at_)fionn(_dot_)es(_dot_)net'; Hallam-Baker, Phillip
Cc: 'Steve Hole'; Julien Pierre; ietf-smime(_at_)imc(_dot_)org
Subject: RE: dissemination of public encryption certificates
XKMS does not answer that question because I can't think of a
situation
where is would be of interest. The certificate is simply a
data object that
is created to establish the trustworthiness of a key.
Applications don't ask
'what is this good for?', they ask 'how do I do this task?'.
Well, I'm not sure I agree. There are two major questions that
constantly need answers in the mind of an S/MIME client. These are
pretty close to what Michael said in his message:
1. Given a particular email address, give me That Which Is Necessary and
Sufficient to send encrypted mail to that email address.
2. Given a particular certificate, is it suitable for signing mail that
came from a particular email address. Michael said "what is it good
for", which I think is too broad a question.
If we're considering protocols that attempt to answer these types of
questions, those are the two questions that need to be answered by that
protocol (for interpersonal messaging with S/MIME, that is).
Blake