pem-dev
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

DN/EN pairs

1994-02-04 22:07:00
from [Stephen D Crocker] [Permanent Link] 
-----BEGIN PRIVACY-ENHANCED MESSAGE-----
Proc-Type: 4,MIC-CLEAR
Content-Domain: RFC822
Originator-ID-Asymmetric: MFMxCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJNRDE
 kMCIGA1UEChMbVHJ1c3RlZCBJbmZvcm1hdGlvbiBTeXN0ZW1zMREwDwYDVQQLEwh
 HbGVud29vZA==,03
MIC-Info: RSA-MD5,RSA,C2uXkUtGLo1Y3NgMRKJ/phAI+Chnyv11peqCwJij/Xp
 qiacfydUkbGd88BHShH1sRmTtFjPxoRpAFgsaGhXEN3SZcNwn0mCfSVT3x5i/wDZ
 1/DSzu/Lqdzo37mUo4hyE

For anyone who didn't wade through my last note responding to Bob
Jueneman's (jueneman(_at_)gte(_dot_)com) two messages, I'll repeat the main idea
proposed in that note.

Proposed: Certificates be modified to provide two forms of
identification, the distinguished name (DN) as its presently defined,
*and* an email name (EN) directly usable as the network address
associated with the same entity.

Synopsis of argument: Both are needed.  Attempts to make one or the
other the primary form lead to potential security flaws.


Steve


 +-------------------------------------+-------------------------------+
 |  Steve Crocker                      | Voice: 301-854-6889           |
 |  Trusted Information Systems        | FAX:   301-854-5363           |
 |  3060 Washington Road (Route 97)    |-------------------------------|
 |  Glenwood, MD  21738                | Internet: crocker(_at_)tis(_dot_)com   
  |
 +-------------------------------------+-------------------------------+
-----END PRIVACY-ENHANCED MESSAGE-----
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Are X.500 names feasible?, Stephen D Crocker
Next by Date:  Re: PEM-DEV message to you, resent, Marshall Rose
Previous by Thread:  dealing with drivel, Peter Williams
Next by Thread:  Re: DN/EN pairs, Donald E. Eastlake 3rd (Beast)
Indexes:  [Date] [Thread] [Top] [All Lists]