ietf-smime
[Top] [All Lists]

RE: Request: Send me signed messages

2004-07-16 12:22:25

Ed,

I do not see why you felt it necessary to send this spiteful message.  I
have been an active participant in PKIX for 7 years now (S/MIME somewhat
less time), and I'm the editor and co-author of the current PKIX document on
certification path building.  I am not subscribed to the list to spam or to
burden the list.  As I said in my earlier message, I thought that these
lists contained the largest groups of individuals capable of sending signed
email messages.

Obviously before I share the collected certificates with any other
researchers, I will require a similar promise for those researchers to keep
the email addresses therein confidential.  

If anyone is afraid of what I might do with the collected email messages or
certificates, just don't send me a message.  I won't be offended.  I am
confident that those that know me, know of me, or know of my company have no
such fears; many have already sent me messages.  For that I thank you, and I
expect that the resultant set of data will be useful in the creation and
improvement of certification path development and validation software in the
years to come.

--Peter

+---------------------------------------------------------------+
| Peter Hesse                    pmhesse(_at_)geminisecurity(_dot_)com     |
| Phone: (703)934-2031         Gemini Security Solutions, Inc.  |
| ICQ: 1942828                     www.geminisecurity.com       |
+---------------------------------------------------------------+
"Pay no attention to what the critics say; there has never been 
a statue set up in honor of a critic." --Jean Sibelius
 

-----Original Message-----
From: owner-ietf-smime(_at_)mail(_dot_)imc(_dot_)org 
[mailto:owner-ietf-smime(_at_)mail(_dot_)imc(_dot_)org] On Behalf Of Ed Gerck
Sent: Friday, July 16, 2004 2:53 PM
To: Peter Hesse
Cc: ietf-smime(_at_)imc(_dot_)org; ietf-pkix(_at_)imc(_dot_)org
Subject: Re: Request: Send me signed messages




Peter Hesse wrote:

All,

We are looking to get a cache of many "real-world" 
certificates with 
which to do some testing related to certificate path 
building and validation.
 > Since most email clients send the signer's path (or some 
portion thereof)
with signed messages, I'd love to receive signed messages 
from anyone 
that is willing to send one.  I expect the S/MIME and PKIX 
lists have 
a high quantity of individuals with the capability to send 
S/MIME signed messages.

Comments below.

You have my personal guarantee that your email addresses 
will not be 
used or stored by us; I have no desire to alienate the community!

This is your promise #1.

You can reply to this message (NOT THE LIST) and sign your 
reply, or 
send directly to certs(_at_)geminisecurity(_dot_)com(_dot_)

I would be willing to share the resultant set of certificates with 
researchers interested in similar work.

This your promise #2. Do you think there is any conflict with 
your promise #1?  What do you think we know the "resultant 
set of certificates"
contain?

COMMENTS: Your message is off-topic and a spam. It's free to 
subscribe and listen to the traffic if you wish. Please don't 
burden this list.