Rhys,
Sometimes I act too much like Don Quixote, tilting at windmills,
defending the faith, taking on all comers, answering all questions, etc. That
isn't my charter or role, and I am going to start de-emphasizing this
and try to get some of my other work done. So you don't have to feel that
you have to convince me of anything. You've done the right thing by
putting an Internet draft together, and now the IETF can decide whether
to modify the RFCs or ignore the issue. The other alternative is that you can
ignore the IETF, and just go out and do your thing, and see if you
pick up any followers. That is what PGP and REPEM have done, and they
have been quite successful without any specific endorsements.
On the other hand, the questions that you and others have raised are very
reasonable and valid ones, and because I want to see public key
cryptography succeed (whether PEM or some other form -- whatever turns
out to be useful), I have tried to share whatever information I have that
might be helpful.
In that spirit, let me reply to one of your issues or questions:
> A better example of where organisation names aren't all that good is in
> the public access sector. As I've stated previously, I'm the president of
> BrisNet, the local low-cost UUCP/IP provider. Now, we could set up a CA
> with names like:
> C=AU, S=Queensland, O=BrisNet, associationNumber="ACN ???/???",
> CN="Fred Nyerk"
> But, this is a burden on a network that is otherwise run by volunteers.
> BrisNet's organisation name is more for tax purposes than anything else.
> You now put up your hand and say "Persona CA", but the BrisNet members
> then put up their hands and say "What the hell is a Persona CA?". :-) The
> whole "try before you buy" comes in here too with self-signed
> certificates. If the BrisNet members wanted to use self-signed
> certificates, what address would they use? Make one up and probably get
> the legally required structure above wrong? Use the RSA Persona hierarchy
> but sign it themselves? Residential hierarchies with the risks of
> exposing a home address to the whole world? Something else? This is what
> I'm getting at with the DC/RM proposal. Sometimes it is simply not
> possible to choose a good traditional DN. For those cases, some
> translation of the e-mail address is warranted I feel.
I respectfully suggest that you are too hung up on the "legally required
structure" and the possibility of getting it wrong. I would suggest that
a good test, one that has 200 years of experience behind it in the US,
anyway, is to ask the question, "Could the Post Office successfully
deliver a package to this address?" If the answer is yes, then the
X.500 address you have selected is almost certainly workable. Yes,
it may be either overspecified from the standpoint of being a minimal
description of a distinguished name, or it may be underspecified from the
standpoint of a minimal amount of search time, BUT IT WILL WORK.
Because there is no requirement that PEM interoperate with X.500,
you don't need to concern yourself too much with niceties of an X.500
schema that hasn't even been designed. In any case, below the
O=<organization> level, each organization can specify their own schema.
If and when an X.500 provider comes along and you want to list with them,
you can argue as to whether your choice of a name fits their preconceptions.
In particular, you don't have to seek national registration, be
assigned OIDs, or any other of the "hard" parts, until you decide
that you really want to embrace this technology and do it "right".
In the case of BrisNet, it would be perfectly acceptable to list
them as
C=AU, S=Queensland, L=Brisbane, O=BrisNet
If you wanted to sign correspondence as the President, your certificate
could be
C=AU, S=Queensland, L=Brisbane, O=BrisNet, CN=Rhys Weatherley,
title=President
Now, DEPENDING ON THE DEGREE OF ASSURANCE THAT IS DESIRED,
your CA and/or PCA may require you to provide some additional amount of
evidence to substantiate (notice that I didn't say prove) your right to
use that name. Depending on their policy, this might range from
submitting a copy of your organization's business or tax license,
to a notarized copy of your articles of incorporation, if you have one.
The NADF standing documents even talk about organizations without
civil standing. This might range from your bowling league to the Ladies'
Garden Club.
Their postal address could be
C=AU, S=Queensland, L=Brisbane, streetAddress="c/o Mr. Sherlock Holmes,
23 Baker Street", CN="Baker Street Irregulars"
If you want to add their e-mail address, go ahead. On the other hand,
if you want to write the message on a floppy disk, tie it to a rock, and
throw it through the window, that's all right also.
For lots of reasons, but primarily so we can at least try to support
nonrepudiation, I would strongly prefer that the traditional civil structure
DN be included within the certificate, and if X.509 would allow
non-distinguished attributes to be included and signed, I would be
quite happy with putting an optional e-mail (or X.400, or whatever)
address there. I'm also not at all opposed to adding the e-mail address
as a potentially over-specified part of the DN -- I'm just pointing out
that there will be a hit (not too big a hit) on the certificate generation
code to support a new attribute (probably), on the PEM validation/
display mechanism, and on the X.500 DUA if and when one supports this
scheme.
It should be noted that these impacts would be there whether or not you
use self-signed certificates.
I will be interested to see the reaction to Jeff Thompson's announcement
of an E-mail based CA, which seems to fill your needs. I also note with
interest the progress apparently being made in Japan, where your RM
concept seems to be being applied.
Best regards, whatever you decide to do.
Bob
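Added example, not code from the original message or from any PEM implementation: the distinguished names discussed in the e-mail written as RFC 4514 strings, with a small escaper and parser in Python. RFC 4514 postdates this exchange and is assumed here purely as the modern string syntax; ST and STREET stand in for the e-mail's S and streetAddress as the registered short names, "title" is written out because it has no short name, and the e-mail's country-first order is kept even though RFC 4514 itself lists RDNs most-specific first. The point it shows is the one the Baker Street address raises: a value containing a comma must be escaped, or the DN silently gains an extra component, which is exactly the kind of slip that makes two names compare unequal or lets a crafted value add attributes a CA never intended.

```python
"""RFC 4514 distinguished-name strings for the names in the e-mail above.
Added example (hypothetical helpers), not part of the original message.
Sample names below are constructed from the e-mail's own examples."""
from typing import List, Optional, Tuple

RDN = Tuple[Optional[str], str]

# Characters that RFC 4514 section 2.4 requires to be escaped inside a value.
_SPECIALS = set(',+"\\<>;')


def escape_value(value: str) -> str:
    """Escape one attribute value so it survives being joined into a DN."""
    out = []
    last = len(value) - 1
    for i, ch in enumerate(value):
        if ch in _SPECIALS:
            out.append("\\" + ch)
        elif ch == "#" and i == 0:           # leading '#' would mean a hex-encoded value
            out.append("\\#")
        elif ch == " " and i in (0, last):   # leading/trailing space would be trimmed
            out.append("\\ ")
        else:
            out.append(ch)
    return "".join(out)


def build_dn(rdns: List[RDN]) -> str:
    """Join (type, value) pairs into a DN string in the e-mail's country-first
    order. Multi-valued RDNs ('+') are not supported by this helper."""
    return ",".join(f"{t}={escape_value(v)}" for t, v in rdns)


def parse_dn(dn: str) -> List[RDN]:
    """Split a DN string back into (type, value) pairs, honouring backslash
    escapes. A component with no '=' comes back with type None, which is how
    an unescaped comma inside a value shows up."""
    rdns: List[RDN] = []
    buf: List[str] = []
    typ: Optional[str] = None
    i = 0
    while i < len(dn):
        ch = dn[i]
        if ch == "\\" and i + 1 < len(dn):   # escaped character: take it literally
            buf.append(dn[i + 1])
            i += 2
            continue
        if ch == "=" and typ is None:        # first '=' ends the attribute type
            typ = "".join(buf).strip()       # tolerate the e-mail's "C=AU, S=..." spacing
            buf = []
        elif ch == ",":                      # unescaped ',' ends this RDN
            rdns.append((typ, "".join(buf)))
            typ, buf = None, []
        else:
            buf.append(ch)
        i += 1
    if typ is not None or buf:
        rdns.append((typ, "".join(buf)))
    return rdns


# Sample names constructed from the e-mail's examples.
BRISNET_ORG: List[RDN] = [("C", "AU"), ("ST", "Queensland"), ("L", "Brisbane"), ("O", "BrisNet")]
BRISNET_PRESIDENT: List[RDN] = BRISNET_ORG + [("CN", "Rhys Weatherley"), ("title", "President")]
IRREGULARS: List[RDN] = [
    ("C", "AU"), ("ST", "Queensland"), ("L", "Brisbane"),
    ("STREET", "c/o Mr. Sherlock Holmes, 23 Baker Street"),
    ("CN", "Baker Street Irregulars"),
]


def naive_dn(rdns: List[RDN]) -> str:
    """The same join without escaping: a hand-written DN in which the comma
    inside the street address has been forgotten."""
    return ",".join(f"{t}={v}" for t, v in rdns)


def roundtrip_ok(rdns: List[RDN]) -> bool:
    """True when building and re-parsing gives back exactly the input."""
    return parse_dn(build_dn(rdns)) == rdns


if __name__ == "__main__":
    for name in (BRISNET_ORG, BRISNET_PRESIDENT, IRREGULARS):
        print(build_dn(name), roundtrip_ok(name))
    # The unescaped form gains a typeless sixth component, " 23 Baker Street".
    print(parse_dn(naive_dn(IRREGULARS)))
```

The e-mail address the author would like to carry as a signed but non-distinguished attribute is, in later X.509v3 practice, what the subjectAltName extension's rfc822Name provides, which leaves the civil-structure DN above untouched.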