pem-dev

Re: Encoding e-mail addresses as DN's: draft

1994-03-20 12:34:00
Rhys,

        I'm about to send a large message addressing many of the
points raised in messages over the last 6-7 weeks, but your message
about how real (Internet) UAs work embodies a concise,
well-articulated argument that deserves a specific, individual reply.

        I agree completely with your characterization of how most UAs
work, but I disagree with your conclusion about what is the only way
to make retrofit PEM systems work with such UAs.  On the way out the
door, it is feasible to intercept the message with the DNS addresses
and apply PEM processing, using the DNS addresses as indices for
certificates.  In fact, this mode of operation has been implemented
with other email security protocols in prototype systems that were
demonstrated over 4 years ago.  It is important to maintain the
binding between the DNS address and the name in the certificate, but
that can be accomplished in various ways, not only by requiring that
the email address appear in the certificate.  For example, each user
can maintain a local cache of certificates indexed by email address.
If you are concerned about the security of this binding, you can apply
local crypto techniques (which do not have to employ public key
cryptography) to maintain the binding.  

        If certificates are maintained elsewhere, e.g., in a shared
cache for a site, then the user can maintain the binding between the
email address and the public key (a favorite ID for Carl anyway), and
then can check the retrieved certificate from the site cache against
the locally maintained info.  The user has to interact with the PEM
software to some extent, in most instances, to say what security
services he wants (ENCRYPTED, MIC-CLEAR, MIC-ONLY).  My preference
would be to have the certificate subject names (plus the PCA name or
local alias) for the recipients displayed at that time, to help the
user detect the embarrassment of sending encrypted email to the wrong
recipient because of a typo in the local alias of email address.

        People have made various arguments about why to use email
addresses in certificates, in addition to or in lieu of "real" DNs.
Let's not include the issue of how to make PEM work with existing UAs
as a critical aspect of that argument; it really is not a determining
factor. 

Steve
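
The local binding the message describes, as an added example that is not part of the original message or of any PEM implementation: a per-user cache maps each email address to a public-key fingerprint, protects each entry with a keyed MAC, and checks a key retrieved from a shared site cache against it. The class and function names, the use of HMAC-SHA-256 as the "local crypto technique", and raw key bytes standing in for a certificate are all assumptions.

```python
import hashlib
import hmac

def normalize(addr: str) -> str:
    # Assumption: only the domain part of the address is case-insensitive.
    local, _, domain = addr.strip().rpartition("@")
    return f"{local}@{domain.lower()}"

def fingerprint(public_key: bytes) -> str:
    return hashlib.sha256(public_key).hexdigest()

class BindingCache:
    """Hypothetical local cache: address -> key fingerprint, each entry MAC-protected."""

    def __init__(self, local_secret: bytes):
        self._secret = local_secret      # symmetric secret known only to this user
        self._entries = {}               # address -> (fingerprint, tag)

    def _tag(self, addr: str, fp: str) -> bytes:
        # NUL separator keeps (address, fingerprint) pairs unambiguous.
        msg = addr.encode() + b"\x00" + fp.encode()
        return hmac.new(self._secret, msg, hashlib.sha256).digest()

    def pin(self, addr: str, public_key: bytes) -> None:
        addr, fp = normalize(addr), fingerprint(public_key)
        self._entries[addr] = (fp, self._tag(addr, fp))

    def check(self, addr: str, retrieved_key: bytes) -> str:
        """Compare a key fetched from the shared site cache with the local binding."""
        addr = normalize(addr)
        entry = self._entries.get(addr)
        if entry is None:
            return "unknown"             # no local binding, e.g. a typo in the address
        fp, tag = entry
        if not hmac.compare_digest(tag, self._tag(addr, fp)):
            return "tampered"            # the local entry was altered without the secret
        if not hmac.compare_digest(fp, fingerprint(retrieved_key)):
            return "mismatch"            # site cache returned a different key
        return "ok"

def demo() -> list:
    # All addresses, keys and the secret below are constructed sample values.
    cache = BindingCache(b"constructed-local-secret")
    cache.pin("alice@Example.ORG", b"constructed key A")
    out = [cache.check("alice@example.org", b"constructed key A"),
           cache.check("alice@example.org", b"constructed key B"),
           cache.check("alcie@example.org", b"constructed key A")]
    _, tag = cache._entries["alice@example.org"]   # simulate an edited cache entry
    cache._entries["alice@example.org"] = (fingerprint(b"constructed key B"), tag)
    out.append(cache.check("alice@example.org", b"constructed key B"))
    return out
```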
