-----BEGIN PRIVACY-ENHANCED MESSAGE-----
Proc-Type: 4,MIC-CLEAR
Content-Domain: RFC822
Originator-ID-Asymmetric: MFYxCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJDQTE
kMCIGA1UEChMbVHJ1c3RlZCBJbmZvcm1hdGlvbiBTeXN0ZW1zMRQwEgYDVQQLEwt
Mb3MgQW5nZWxlcw==,08
MIC-Info: RSA-MD5,RSA,phZ85Sg9/nU0TL8tEwb5UKasCboIzmx9aKQ2Bu73RSX
Bx3YpK2twU+SlmgKz7NiLaHsZM61omnBi3MBZoch8dVC8i2GANQr/HrSGRWydF9j
hjZPoQ/S1xHVXVQFhB5E+
Some have suggested including the user's mailbox name as an
attribute in his certificate. (Some even have suggested making
the mailbox name the subject name.) Consider users whose
mailboxes are provided not by their employers, but by service
providers such as AOL, CompuServe, or MCIMail. There is no
fundamental requirement that these service providers certify their
users. For these users, it is obvious that their identity is not
well represented by their mailbox names. Rather, users of any of
these services might be certified by residential CAs who could
provide identity certification completely independent of the email
service provider. However, a CA independent of a service provider
might not be in a good position to certify the binding of a user
name to a mailbox.
Persons who have stable e-mail addresses and wish to communicate via PEM
should have the *option* of publishing their e-mail addresses in their dnames.
Companies that wish to use PEM exclusively for e-mail should have the *right*
to require that all employees registered under the company banner include
their e-mail addresses in their dnames. For others, the decision to include
the e-mail address is a personal one. (What security problems arise if I
register with an e-mail address that does not belong to me?)
There is even less reason to base the user's certified name
on his choice of service provider. Doing so has the potential to
create an impediment for the user, should he wish to change
service providers. This would be analogous to requiring a
telephone user to change his phone number based on his choice of
long distance service provider, a practice that does not apply
<link to recent FCC rules that allow owners of 800 numbers to
choose any long distance provider>. Certainly the Internet
community can do at least as well as the telephone system in this
regard <link to derisive references to telephony relative to the
Internet>.
I see myself as having at least two identities -- me at work, where I am part
of TIS, and me at home, where I speak for myself. I would never choose my
home identity based on my Internet service provider, and would probably be
choosy about publishing my home (e-mail) address to the world, too. In my
work role, however, I would prefer that my colleagues be able to communicate
with me, privately, with a minimum of fuss. Thus, I would like to include my
e-mail address in my dname, and then when I send a colleague my certificate,
or he requests my certificate, software at his site can automatically set up
the "alias" mapping, and he can send me confidential e-mail immediately.
Making a user's certified name be his mailbox name is even
less desirable in general. In many systems, users have limited
opportunities to choose their mailbox name. Users with long
surnames are frequently required to truncate their mailbox name
due to operating system limitations. Systems such as CompuServe
provide users with numerically unique, but totally non-descriptive
mailbox names. To the extent that mailbox names are tied to login
IDs on systems, there is a tendency to select short names that are
ill-suited to descriptively identifying an individual in a large
scale context. (Note this fundamental conflict: names cannot be
globally unique and descriptive and, at the same time, brief. DNS
names, which are prized in part for their brevity, cannot
accommodate large numbers of organizations and still remain
brief.) If the same user employs multiple mailboxes, there is no
intrinsic requirement that he be identified, for authentication
purposes, via different names.
In the proposal where the Common Name can look like this:
Jeffrey V. Cook <jvc@la.tis.com>
I further elaborate that the e-mail address is optional, and that the person's
name be listed in as much detail as desired (I might want "Jeff Cook" or
"Jeffrey Valjean Cook", for instance). Providing both the name *and* the
e-mail address eliminates the problems mentioned in the preceding paragraph.
Comments? ...Jeff
+------------------------------------------------------------------------+
| Jeff Cook (jvc@la.tis.com)         | For my PEM certificate/public key, |
| Trusted Information Systems, Inc.  | send me an e-mail message with     |
|                                    | Subject: PEM certificate request   |
| Phone: 310.477.5828                |                                    |
| FAX: 310.477.1998                  | For info on TIS/PEM send e-mail    |
|                                    | to tispem-info@tis.com             |
+------------------------------------------------------------------------+
-----END PRIVACY-ENHANCED MESSAGE-----
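As an added illustration (not part of the message above, and not TIS/PEM code), here is how a recipient's software might parse the proposed "Name <mailbox>" Common Name form and check the embedded mailbox against the sender's address before setting up the automatic alias mapping, which is the check the question about registering an address that does not belong to you calls for. Function and class names, the regex and the sample inputs are my own assumptions.

```python
import re
from dataclasses import dataclass
from typing import Optional

# Proposed Common Name form: "Display Name <mailbox>", mailbox optional.
# The regex below is an assumption about that form, not a PEM definition.
CN_RE = re.compile(
    r"^\s*(?P<name>[^<>]+?)\s*(?:<(?P<mailbox>[^<>\s@]+@[^<>\s@]+)>)?\s*$"
)


@dataclass(frozen=True)
class CommonName:
    display_name: str
    mailbox: Optional[str]  # None when the CN carries no e-mail address


def parse_common_name(cn: str) -> CommonName:
    """Split a CN into its display name and optional RFC 822 mailbox."""
    m = CN_RE.match(cn)
    if not m:
        raise ValueError(f"malformed Common Name: {cn!r}")
    return CommonName(m.group("name"), m.group("mailbox"))


def same_mailbox(a: str, b: str) -> bool:
    """Compare two addresses: local part as-is, domain case-insensitively."""
    a_local, _, a_domain = a.rpartition("@")
    b_local, _, b_domain = b.rpartition("@")
    return a_local == b_local and a_domain.lower() == b_domain.lower()


def check_sender(cn: str, from_address: str) -> str:
    """Decide whether a certificate's CN may be used to set up an alias
    mapping for from_address: MATCH, MISMATCH, or NO_MAILBOX (nothing to
    map automatically because the CN omits the optional address)."""
    parsed = parse_common_name(cn)
    if parsed.mailbox is None:
        return "NO_MAILBOX"
    return "MATCH" if same_mailbox(parsed.mailbox, from_address) else "MISMATCH"


# Constructed sample inputs (not taken from any real certificate).
SAMPLES = [
    ("Jeffrey V. Cook <jvc@la.tis.com>", "jvc@LA.TIS.COM"),      # MATCH
    ("Jeffrey V. Cook <jvc@la.tis.com>", "someone@la.tis.com"),  # MISMATCH
    ("Jeff Cook", "jvc@la.tis.com"),                              # NO_MAILBOX
]

if __name__ == "__main__":
    for cn, sender in SAMPLES:
        print(f"{cn!r:40} vs {sender:20} -> {check_sender(cn, sender)}")
```

A MISMATCH result is the case to refuse: the certificate may be valid, but it does not vouch for the mailbox the message claims to come from.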