pem-dev

Re: Are DN's really names?

1993-03-02 08:23:00
Tom,

        Your characterization of a DN as a mailbox name is incorrect.
PEM will be used in the SMTP environment, in which DNS naming is
employed for mailbox naming.  It will be quite feasible for a single
user, with multiple mailboxes, to use the same certificate and same DN
to process PEM-protected messages received at all of these mailboxes.
Conversely, a user might possess multiple certificates, e.g.,
representing his corporate identity and various roles within his
organization, and receive PEM-protected mail directed to these
different identities, all at the same mailbox (a somewhat less likely
scenario but still feasible).  Even in X.400 (1988), where the DN may
be used by an originator to identify the recipient of a message, the
message handling system translates the DN into an address for routing
purposes.  So, while we may argue about whether the DN which appears
in a certificate is a "name" in some sense, it definitely is not a
mailbox address.

        The X.500 model says that you have a different name as an
employee of company X than as a resident of town Y in state Z in
country AA.  This is reasonable from a secure naming standpoint since
different entities would vouch for your identity in these different
contexts, e.g., your employer vs. your state, municipal, or federal
government.  Now, in your capacity as an employee of company X, the
company might require that you employ a key pair generated by the
company, because the company wants to ensure that you use good quality
keys in communications where you are represented as an employee.  It
might even want to retain access to the private component of the key
pair it provides, to ensure access to encrypted messages addressed to
you in your capacity as an employee.  Current US law (ECPA) does not
grant employee email the privacy from corporate spying that your
Compuserve email gets from Compuserve spying, so this is not an
inconsistent model for cryptographic keys.  

        Alternatively, your employer could be very laid back and allow
you to select your own key pair for use at work and you could elect to
use the same key pair for your residential certificate.  That is not
dictated by X.500, or by the PEM certification system standard.  Your
employer might, instead, require that "official" corporate
communications be protected not with keys associated with individuals,
but rather with keys associated with organizational roles, e.g.,
purchasing manager or V.P. of finance.  Thus individuals occupying
these roles would be granted use of the certificates and keys to
execute transactions on behalf of the corporation, perhaps without
ever really having knowledge or direct access to the private keys.

        Thus, given the various options for how keys and names can be
related across individual and organizational identities, there is no
single, correct answer for all cases.  However, X.500, and PEM's use of
X.500, does accommodate a pretty wide range of options.  The badge/key
ownership question has different answers depending on the options
chosen.  Most organizational IDs are the property of the issuing
organization and I would expect the same to be true of organizational
certificates (and private keys) used in any official capacity to
transact company business.  This argues for a model in which an
individual maintains a separate key pair for use with his residential
identity (and certificate), unless his organization is willing to let
him share the key pair across his corporate and residential identities
(as supported by the second example above).

        Finally, this is not a new issue.  The PEM-DEV list has gone
through discussions of this type before in its >5 year existence.  I
urge list members who have not been following these discussions for a
fairly long interval to become familiar with the archives, and with the
existing standards literature, prior to making bold statements.

Steve
