What we really use instead of X.400/X.500

From: p(_dot_)churchyard(_at_)ic(_dot_)ac(_dot_)uk
Message-Id: 
<9402041113(_dot_)AA14634(_at_)cscmgb(_dot_)cc(_dot_)ic(_dot_)ac(_dot_)uk>
Subject: Re: Are X.500 names feasible?
Date: Fri, 4 Feb 94 11:13:12 gmt

But you never type in X.400 addresses, you select the one you want
from the directory services.... (:->

Pete.
It is a different mind-set to 'Internet centric' email.



This is exactly the point -- but probably not the way some people would
mean it.

Postulate that I have a computer on my desk with windows (Mac or PC).

I have a phone book/address book (file) listing people whom I know and
communicate with.  I access this file (identify those people) by my own
nicknames for them, not by any distinguished name or Internet domain name.
I can open up their data and find more details (like the phone numbers
where I'm likely to reach them on the 3rd Saturday of every month, between
7 and 9:30 pm).  My nickname (alias) for these people is of no interest to
anyone else in the world.

What gets exchanged between my address book utility and your address book
utility is being exchanged by programs, not by people.  Human readability
is of little importance.

As for signatures on the records in my address book, that's my business.  I
should require signed data before I trust it enough to allow it to be
entered in my address book.  I should also sign my own address book so I
can detect tampering.  I might even want to encrypt my own address book, to
keep the nosies out.  However, there is no reason for the world community
to establish a format for my address book or to make sure that signed
records carry all the info I care to have signed/encrypted about a person.

Put more succinctly, there's no reason for a certification authority to
maintain my address book for me.  That's my business and once I've received
some certified association, I can keep it safe on my own.

Business cards are a different matter, until they start coming with a
magnetic stripe.  However, a business card can carry a fingerprint of a key

 RIPEM MD5OfPublicKey: 39D9860686A9F075A9A83D49589C677A

and let normal inter-computer communications pass the actual key, names,
other elements of the database.

 - Carl

<Prev in Thread]	Current Thread	[Next in Thread>
What we really use instead of X.400/X.500, Carl Ellison <= Re: What we really use instead of X.400/X.500, p . churchyard RE: What we really use instead of X.400/X.500, Ned Freed RE: What we really use instead of X.400/X.500, p . churchyard Re: What we really use instead of X.400/X.500, John Lowry Re: What we really use instead of X.400/X.500, Theodore Ts'o Re: What we really use instead of X.400/X.500, Donald E. Eastlake 3rd (Beast) Re: Re: What we really use instead of X.400/X.500, jueneman%wotan

Previous by Date:	Re: Are X.500 names feasible?, Donald E. Eastlake 3rd (Beast)
Next by Date:	Secure EDI, TCJones
Previous by Thread:	Certificate responders, jueneman%wotan
Next by Thread:	Re: What we really use instead of X.400/X.500, p . churchyard
Indexes:	[Date] [Thread] [Top] [All Lists]