This has led me to believe that we need a tuning knob on the PEM verification
rules. In this fashion we can give the end users control over how finicky they
wish to be. Levels of the (digital) knob might be:
1) All certificates and CRLs are required.
2) CRLs are required but may be obsolete.
3) No CRLs are required.
3a) CRL required from first level CA but not from higher levels in
hierarchy.
4) CA certificates can be obsolete (and PCAs as well)
5) User certificates can be obsolete
6) Anything is ok (PEM becomes a no-op) or a printf("All OK");

Jeff -
I like this idea. In fact, I like it a lot. In trying to get PEM as
widely accepted as possible, I think some leeway should be given for
users with differing privacy/security requirements. Plus, as mail-based
applications begin to transition into PEM-based applications, this would
appear to be a useful functionality.
This idea seems to be a compromise between users who need to be absolutely
sure of the identity of the message (i.e. a message from a boss to an
employee telling them to do something), and users who are less concerned
with a CRL's current validity (i.e. two employees who sit down the hall
from each other carrying on a private conversation about a new product).
- Anish
-----------------------------------------------------------------------
Anish Bhimani
anish(_at_)ctt(_dot_)bellcore(_dot_)com
Enterprise Network Integrity (908) 699-5571 (phone)
Bellcore (908) 336-2732 (fax)
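
The tuning knob proposed in this thread, as an added sketch that is not part of either message and not code from any PEM implementation. The `Cert` fields, the function names and the sample chain are constructed for illustration, and reading the settings as cumulative, with 3a placed between 2 and 3, is an assumption.

```python
from dataclasses import dataclass

# Knob settings as numbered in the message. Treating them as cumulative
# (each also allows what the stricter settings allow), with 3a placed
# between 2 and 3, is an assumption of this sketch.
LEVELS = ["1", "2", "3a", "3", "4", "5", "6"]

@dataclass
class Cert:
    name: str
    expired: bool      # certificate is obsolete (past its validity period)
    issuer_crl: str    # CRL from this cert's issuer: "current", "obsolete", "missing"

def check_chain(chain, level):
    """chain[0] is the user certificate, followed by CA certificates going up.
    Returns the reasons for rejection; an empty list means the chain is accepted."""
    rank = LEVELS.index(level)
    at_least = lambda lvl: rank >= LEVELS.index(lvl)
    if level == "6":
        return []                      # no-op setting: nothing is checked
    problems = []
    for depth, cert in enumerate(chain):
        is_user = depth == 0           # its CRL comes from the first-level CA
        if cert.issuer_crl == "obsolete" and not at_least("2"):
            problems.append(f"{cert.name}: CRL is obsolete")
        if cert.issuer_crl == "missing":
            # 3a still demands the first-level CA's CRL, 3 and above demand none
            waived = at_least("3") or (level == "3a" and not is_user)
            if not waived:
                problems.append(f"{cert.name}: CRL is missing")
        if cert.expired and not at_least("5" if is_user else "4"):
            problems.append(f"{cert.name}: certificate is obsolete")
    return problems

def accepted_levels(chain):
    """Knob settings at which the chain verifies."""
    return [lvl for lvl in LEVELS if not check_chain(chain, lvl)]

# Constructed sample chain: user certificate, its CA, then the PCA.
SAMPLE = [
    Cert("user", expired=False, issuer_crl="obsolete"),
    Cert("CA", expired=False, issuer_crl="missing"),
    Cert("PCA", expired=True, issuer_crl="current"),
]

if __name__ == "__main__":
    for lvl in LEVELS:
        print(lvl, check_chain(SAMPLE, lvl) or "accept")
```

Returning the rejection reasons rather than a bare yes/no lets a mail client show the recipient which relaxation a message depended on.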