Jim Galvin writes:
Based on experience and discussions with various people, we explicitly
included an option for originators to protect their public keys.
Insofar as we chose to include this option, I guess that makes it a
design goal. However, as this option was implicitly available from
1421, I do not consider this a new precept.
It is not an "option" in the least, because of the arbitrary key
selector which was created to support the new requirement that users
can keep their public keys unbublished. This key selector appears in
the identifier forms which all implementations *must* support.
I am trying to bring the severity of this to the attention of
everyone. The MIME/PEM security protocol mandated by the key selector
is not open and allowing at all. It obsoletes every certificate
database out there, rather than hooking into existing systems, because
these databases don't store and authenticate arbitrary key selectors.
MIME/PEM has universally imposed a new procedure.
Can other implementors on the list give their viewpoint on this,
including people whose applications already implement other messaging
protocols: Simply to be able to process the identifiers in a MIME/PEM
message, are you willing to reformat your databases and modify your
certification procedures just so that you can store, authenticate and
transmit arbitrary key selectors?
- Jeff