Ed,
I do not see why you felt it necessary to send this spiteful message. I
have been an active participant in PKIX for 7 years now (S/MIME somewhat
less time), and I'm the editor and co-author of the current PKIX document on
certification path building. I am not subscribed to the list to spam or to
burden the list. As I said in my earlier message, I thought that these
lists contained the largest groups of individuals capable of sending signed
email messages.
Obviously before I share the collected certificates with any other
researchers, I will require a similar promise for those researchers to keep
the email addresses therein confidential.
If anyone is afraid of what I might do with the collected email messages or
certificates, just don't send me a message. I won't be offended. I am
confident that those that know me, know of me, or know of my company have no
such fears; many have already sent me messages. For that I thank you, and I
expect that the resultant set of data will be useful in the creation and
improvement of certification path development and validation software in the
years to come.
--Peter
+---------------------------------------------------------------+
| Peter Hesse pmhesse(_at_)geminisecurity(_dot_)com |
| Phone: (703)934-2031 Gemini Security Solutions, Inc. |
| ICQ: 1942828 www.geminisecurity.com |
+---------------------------------------------------------------+
"Pay no attention to what the critics say; there has never been
a statue set up in honor of a critic." --Jean Sibelius
-----Original Message-----
From: owner-ietf-smime(_at_)mail(_dot_)imc(_dot_)org
[mailto:owner-ietf-smime(_at_)mail(_dot_)imc(_dot_)org] On Behalf Of Ed Gerck
Sent: Friday, July 16, 2004 2:53 PM
To: Peter Hesse
Cc: ietf-smime(_at_)imc(_dot_)org; ietf-pkix(_at_)imc(_dot_)org
Subject: Re: Request: Send me signed messages
Peter Hesse wrote:
All,
We are looking to get a cache of many "real-world"
certificates with
which to do some testing related to certificate path
building and validation.
> Since most email clients send the signer's path (or some
portion thereof)
with signed messages, I'd love to receive signed messages
from anyone
that is willing to send one. I expect the S/MIME and PKIX
lists have
a high quantity of individuals with the capability to send
S/MIME signed messages.
Comments below.
You have my personal guarantee that your email addresses
will not be
used or stored by us; I have no desire to alienate the community!
This is your promise #1.
You can reply to this message (NOT THE LIST) and sign your
reply, or
send directly to certs(_at_)geminisecurity(_dot_)com(_dot_)
I would be willing to share the resultant set of certificates with
researchers interested in similar work.
This your promise #2. Do you think there is any conflict with
your promise #1? What do you think we know the "resultant
set of certificates"
contain?
COMMENTS: Your message is off-topic and a spam. It's free to
subscribe and listen to the traffic if you wish. Please don't
burden this list.