ietf-smime
[Top] [All Lists]

RE: Request: Send me signed messages

2004-07-20 04:26:16

Actually, the sender can't control anything about the time the recipient
receives the message. All he can do is verify that the recipient's
certificate is not revoked at the time the message is sent, as the sender
perceives the time.

        Al Arsenault


-----Original Message-----
From: owner-ietf-pkix(_at_)mail(_dot_)imc(_dot_)org
[mailto:owner-ietf-pkix(_at_)mail(_dot_)imc(_dot_)org]On Behalf Of Ed Gerck
Sent: Monday, July 19, 2004 8:26 PM
To: Christine Karman
Cc: ietf-smime(_at_)imc(_dot_)org; ietf-pkix(_at_)imc(_dot_)org
Subject: Re: Request: Send me signed messages





Christine Karman wrote:

At 09:43 PM 7/16/2004, Ed Gerck wrote:

An obvious problem with email certificates is that they open
us to spam.


How's that?

A repository of certs with email addresses is a repository of
email addresses.

If you accept encrypted email, then you can refuse unsigned email.

You can do the latter without doing the former. Beseides, while
it's relatively easy
to send signed email to many people (as it depends only on your
cert), in order
to send encrypted email to many people you need each recipient's
cert (and you also
want to make sure they are not revoked at the time they receive
the message, which
is yet another problem).

Cheers,
Ed  Gerck