Hi, SMIME list
There are many of MUA implementations for S/MIME and some banks or
corporations are using digital signature for their messages.
But in such cases, there are several points would hopefully be care in
technical aspects of S/MIME.
Displaying assurance of organization of signer, keys and certificates
management criteria in MUA and CRL delivery into MUA are crucial
issues to enhace usage or deployment of acutual use of S/MIME.
I would think about drafting a document as follows:
-----
MUA and for qualified signatures:
- certificate selection in MUA
- for unified display (like green bar in browser) of showing
messages in MUA with valid/non-valid signatures
- operational pracice for digital signatures
(e.g. key length, validity, key store)
Certificates for S/MIME:
- operational pracice for digital signatures
(e.g. key length, validity, key store, revocation control)
- certificate policy or singing policy for signer(S/MIME)
e.g.) Bank, corporation, goverment and/or for qualified signature
etc.(other items in my mind)
-----
Are they impossible to be toss as a draft?
If you have had considered such point of operational issues,
I would hope to share and get your reply.
(or talk to me either, in Berlin)
--
Kohei Kasamatsu
NTT Software Corporation
TEL: +81 45 212 7908 FAX: +81 45 212 9800
E-mail: kasamatsu(_dot_)kohei(_at_)po(_dot_)ntts(_dot_)co(_dot_)jp
_______________________________________________
smime mailing list
smime(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/smime