If you really want to use PEM, rather than PGP, for this sort of
thing, just have people sign their own certificates.
Donald
From: rhys(_at_)cs(_dot_)uq(_dot_)oz(_dot_)au
To: pem-dev(_at_)tis(_dot_)com
I've been lurking on this mailing list for a few months, and have been
very careful to keep my mouth shut, being a relative newbie to PEM.
I am planning PEM (actually RIPEM-compatible) support in some upcoming
news and mail reader products of mine.
Sead Muftic mentions things to be done in future PEM work. May I also
suggest documenting the RIPEM non-certificate key exhange mechanisms, even
if only as "PEM implementations should be able to generate either
certificate or non-certificate key exchanges (or both), and should be
able to read both certificate and non-certificate key exchanges".
While certificates are great when it is absolutely vital that you know
who you are talking to, they are overkill for casual exchanges IMHO.
Also, I feel they are pretty useless for high turnover user communities
such as student bodies at universities: the uni would have to issue
10000+ certificates at the start of the year and 10000+ revocations at
the end. For casual student-student use, this is unmanageable, and
therefore unis probably wouldn't issue student certificates at all,
and force their students to ignore PEM in favour of PGP.
If the PEM working group seriously wants to promote PEM as an alternative
to PGP, then some form of non-certificate key exchange will have to be
adopted for those who have high turnover or who "live on the fringes",
at least until enough PCA's and CA's exist to make getting a certificate
a trivial matter rather than an exercise in bribery. RIPEM provides it,
but it isn't in the RFC's, and I'd like to see it there.
Three alternatives to RIPEM that come to mind are:
(a) "Break" the notion of certificate to allow NULL issuer fields.
(b) Document an e-mail address where users can send their
keys to be "rubber stamped" for Persona use with no
questions asked.
(c) Tell me how to set myself up as a rubber stamp PCA. I'll
guarantee that I'll sign everything and anything, thereby
making the notion of signing absolutely useless, which is
what I _don't_ want to do.
If it is vitally important that two parties need to know who each other is
for legal or financial purposes, then they will have to get certificates.
If not, then PEM as expressed in the current RFC's tells them to stuff off.
Cheers,
Rhys.