RE: dissemination of public encryption certificates

jpierre@netscape.com (Julien Pierre) Wed, 13 August 2003 23:41 UTC

Date: Wed, 13 Aug 2003 16:19:36 -0700
From: jpierre@netscape.com
Subject: RE: dissemination of public encryption certificates
To: Hallam-Baker Phillip <pbaker@verisign.com>
cc: ietf-smime@imc.org
In-Reply-To: <2A1D4C86842EE14CA9BC80474919782E01112FFC@mou1wnexm02.verisign.com>
Message-ID: <3F3AC788.7070508@netscape.com>
References: <2A1D4C86842EE14CA9BC80474919782E01112FFC@mou1wnexm02.verisign.com>
X-Mailer: AOL Communicator (20030811Trnk.1 Win)
Organization: Netscape
MIME-Version: 1.0
Content-Type: multipart/signed; protocol="application/x-pkcs7-signature"; micalg="sha1"; boundary="------------ms010704000904080802040505"
Sender: owner-ietf-smime@mail.imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-smime/mail-archive/>
List-ID: <ietf-smime.imc.org>
List-Unsubscribe: <mailto:ietf-smime-request@imc.org?body=unsubscribe>

Phillip,

Hallam-Baker, Phillip wrote on 08/11/2003, 16:55:

 >         This issue is one of the main use cases for XKMS. This has
 > considerable support within the PKI community, VeriSign, Microsoft, RSA,
 > Entrust and Baltimore have been involved in writing the specification
 > which is in the final post last call stage in W3C.
 >
 >         The (almost) final spec is to be found at
 >         http://www.w3.org/2001/XKMS/Drafts/XKMS20030804/xkms-part-1.html
 >         http://www.w3.org/2001/XKMS/Drafts/XKMS20030804/xkms-part-2.html
 >
 >         There will be two further changes to the spec, one to make a
 > minor tweak to the schema sometime this week, the second to change the
 > examples to use exclusive C18N.
 >
 >         An XKMS locate service may be advertised in the DNS using the
 > SRV record. So to send mail to alice@example.com you do an XKMS locate
 > to _xkms_http._tcp.example.com.
 > That gives you the XKMS service.
 >
 >         You then do a locate for a certificate to be used with S/MIME.

Thanks. This is very interesting and I will need to read more on XKMS.
Until I do, you may be able to answer the following question: can the
XKMS be easily delegated by the domain owner to a third party in the
DNS, just like mail and web services usually are typically delegated
today? It certainly looks like it from the above, but I just want a
confirmation.

-- 
I am the dog in dogfood
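
The SRV discovery step described in the quoted message, as an added example that is not part of the original thread or of the XKMS specification: it parses SRV records for the `_xkms_http._tcp` label quoted above, orders the targets by priority and weight as RFC 2782 describes, and flags targets that lie outside the mail domain. The zone data is constructed, and the `keyhost.example.net` hosts and the ports are assumptions.

```python
import random

# Constructed zone data in RFC 2782 SRV format. The keyhost.example.net hosts
# and the ports are hypothetical; _xkms_http._tcp is the label quoted above.
ZONE = """\
_xkms_http._tcp.example.com. 3600 IN SRV 10 60 443 xkms1.keyhost.example.net.
_xkms_http._tcp.example.com. 3600 IN SRV 10 40 443 xkms2.keyhost.example.net.
_xkms_http._tcp.example.com. 3600 IN SRV 20 0 8080 xkms.example.com.
"""

def srv_owner(address):
    """Map alice@example.com to the SRV owner name for its mail domain."""
    local, sep, domain = address.rpartition("@")
    if not (local and sep and domain):
        raise ValueError("not a mailbox address: %r" % address)
    return "_xkms_http._tcp.%s." % domain.lower().rstrip(".")

def parse_srv(zone_text, owner):
    """Return (priority, weight, port, target) for each SRV record of owner."""
    records = []
    for line in zone_text.splitlines():
        f = line.split()
        if len(f) == 8 and f[0].lower() == owner and f[2:4] == ["IN", "SRV"]:
            if f[7] != ".":  # a target of "." means the service is not offered
                records.append((int(f[4]), int(f[5]), int(f[6]), f[7].lower()))
    return records

def order_targets(records, rng=random):
    """Lowest priority first; weighted random choice within one priority."""
    ordered = []
    for prio in sorted({r[0] for r in records}):
        group = sorted((r for r in records if r[0] == prio), key=lambda r: r[1])
        while group:
            pick, running = rng.uniform(0, sum(r[1] for r in group)), 0
            for chosen in group:
                running += chosen[1]
                if running >= pick:
                    break
            group.remove(chosen)
            ordered.append(chosen)
    return ordered

def is_delegated(target, domain):
    """True when the SRV target is a host outside the mail domain."""
    t, d = target.rstrip("."), domain.lower().rstrip(".")
    return not (t == d or t.endswith("." + d))

def locate_endpoints(address, zone_text=ZONE, rng=random):
    """Ordered (host, port, delegated) candidates for the XKMS locate service."""
    domain = address.rpartition("@")[2]
    found = order_targets(parse_srv(zone_text, srv_owner(address)), rng)
    return [(t.rstrip("."), port, is_delegated(t, domain)) for _, _, port, t in found]
```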