Steve,
Thank you for your interest.
Does your proposal provide a means for introducing and using email
addresses widely and easily?
Definitively YES!
I was also intrigued by your mention of a "pull" model for certificate
validation. I think this is a good step forward. Can you supply
details?
Pull validation model is only possible with a ubiquitous Directory service
or, in my opinion, with a ubiquitous DB. Because X.500 Dir service is not
still ubiquitous, I have thought and tested the Internert DNS as such a
DB, and I have to say that with success.
Finally, I agree it's necessary to open up the validation process to
accommodate more than one hierarchy and indeed even to permit
individuals or small groups to get started without attaching
themselves to any existing hierarchy. Does your proposal accommodate
individuals and small groups as well as national hierarchies?
Yes!
Sorry if I am not too much explicit, but I am now involved in other
issues (projects, teaching, preparing camera-ready, thesis ...buff) that
spend a lot of my time. Anyway, I am also preparing a extended summary
of the proposal in order to distribute it for comments.
Thanks,
Francisco