RE: Request change in son-of-rfc2633

pgut001@cs.auckland.ac.nz (Peter Gutmann) Wed, 29 October 2003 04:12 UTC

Received: from above.proper.com (above.proper.com [208.184.76.39]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id XAA22492 for <smime-archive@lists.ietf.org>; Tue, 28 Oct 2003 23:12:14 -0500 (EST)
Received: from above.proper.com (localhost [127.0.0.1]) by above.proper.com (8.12.10/8.12.8) with ESMTP id h9T3SWI7021283 for <ietf-smime-bks@above.proper.com>; Tue, 28 Oct 2003 19:28:32 -0800 (PST) (envelope-from owner-ietf-smime@mail.imc.org)
Received: (from majordom@localhost) by above.proper.com (8.12.10/8.12.9/Submit) id h9T3SWsI021282 for ietf-smime-bks; Tue, 28 Oct 2003 19:28:32 -0800 (PST)
X-Authentication-Warning: above.proper.com: majordom set sender to owner-ietf-smime@mail.imc.org using -f
Received: from hermes.cs.auckland.ac.nz (hermes.cs.auckland.ac.nz [130.216.33.151]) by above.proper.com (8.12.10/8.12.8) with ESMTP id h9T3SSI7021276 for <ietf-smime@imc.org>; Tue, 28 Oct 2003 19:28:31 -0800 (PST) (envelope-from pgut001@cs.auckland.ac.nz)
Received: from cs.auckland.ac.nz (medusa01.cs.auckland.ac.nz [130.216.34.33]) by hermes.cs.auckland.ac.nz (8.12.9-20030924/8.12.9) with ESMTP id h9T3Rto9008180; Wed, 29 Oct 2003 16:27:55 +1300
Received: (from pgut001@localhost) by cs.auckland.ac.nz (8.11.6/8.11.6) id h9T3UAo08690; Wed, 29 Oct 2003 16:30:10 +1300
Date: Wed, 29 Oct 2003 16:30:10 +1300
Message-Id: <200310290330.h9T3UAo08690@cs.auckland.ac.nz>
From: pgut001@cs.auckland.ac.nz
To: blake@brutesquadlabs.com, jimsch@exmsft.com, pgut001@cs.auckland.ac.nz
Subject: RE: Request change in son-of-rfc2633
Cc: ietf-smime@imc.org
Sender: owner-ietf-smime@mail.imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-smime/mail-archive/>
List-ID: <ietf-smime.imc.org>
List-Unsubscribe: <mailto:ietf-smime-request@imc.org?body=unsubscribe>

"Blake Ramsdell" <blake@brutesquadlabs.com> writes:

>"When looking up certificates using the subjectKeyIdentifier field, S/MIME
>agents MUST be prepared to handle multiple certificates that have the same
>subjectKeyIdentifier value gracefully."

That won't work if you only find the wrong cert using the sKID.  That is,
there are two certs with the given sKID, you get a perfect match on the one
that you can locate, but it's the wrong one.

The real problem here is that by building a spaghetti PKI (one that violates
the original X.509 design) you're subjecting yourself to a world of pain that
no amount of text in a standard can resolve.  So the only practical solution
would be to include a warning to say that everything works as required with a
conventional PKI, but all bets are off once you're in a spaghetti PKI
scenario, because the design was never intended to be used like that.  Might I
suggest:

  "The behaviour of S/MIME agents in a spaghetti PKI scenario is a
  ecumen^H^H^H^Hpolicy matter".

Peter.