Re: dissemination of public encryption certificates
jpierre@netscape.com (Julien Pierre) Thu, 14 August 2003 02:52 UTC
Date: Wed, 13 Aug 2003 19:29:53 -0700
From: jpierre@netscape.com
Subject: Re: dissemination of public encryption certificates
To: Anders Rundgren <anders.rundgren@telia.com>
cc: ietf-smime@imc.org, Hallam-Baker Phillip <pbaker@verisign.com>
In-Reply-To: <001301c360ef$41128990$0500a8c0@arport>
Message-ID: <3F3AF421.6060008@netscape.com>
References: <2A1D4C86842EE14CA9BC80474919782E01112FFC@mou1wnexm02.verisign.com> <001301c360ef$41128990$0500a8c0@arport>
X-Mailer: AOL Communicator (20030811Trnk.1 Win)
Organization: Netscape
MIME-Version: 1.0
Content-Type: multipart/signed; protocol="application/x-pkcs7-signature"; micalg="sha1"; boundary="------------ms010704000904080802040505"
Anders,

Anders Rundgren wrote on 08/12/2003, 9:31:

> Pierre,
> It is good to hear somebody bring up this question which is absolutely
> vital for successful deployment of encrypted mail.

I'm also glad to see interest in solving this problem.

> Personally I don't think that neither the S/MIME WG or XKMS WG
> have a solution that at least I would call "acceptable".
>
> XKMS addresses to some extent the enterprise scenario but only
> if the enterprise has their own domain and associated CA. For
> truly TTP-based certificates you are out of luck if you are looking
> for automated functionality.

Are you saying basically that this won't work for Joe User at randomisp.com, who wants to register with randomca.com?

> I believe that the mail protocol and associated applications
> should be augmented with encryption certificate lookup. A
> MIME X-extension that you configured in your e-mail client
> would do a part of this. I.e. each time you sent a mail, the
> lookup would be transmitted as well. Also it would be
> nice to have an enhanced "mailto:" URL supporting the same
> mechanism.

If you send an email today, you can simply sign it and include your certificate in the signature. If you just sign all your mail, then you always disseminate your certificate. So in what situations does this new MIME extension certificate lookup help? I suppose this extension would be shorter than a digital signature. However, it would also be much less secure.

The case I originally asked about is: neither party has exchanged any e-mail yet, but they know each other's e-mail address. They want to communicate securely. How do they avoid or bypass the initial insecure e-mail exchange?

> In summary I think that a certificate-independent configuration
> of e-mail clients would be more universal than "fishing" in
> domains as the user domain and issuer domain may be entirely
> disjunct.

"Fishing" in domains as you say would be independent of e-mail client configuration for the most part (it could just be turned on or off). You correctly point out that in most cases the user's domain and cert issuer domain are disjoint. This is especially true of e-mail users whose ISP isn't a CA (99.9% of them right now). The only solution for these users is some sort of universal registration service. This implies the existence of some sort of free worldwide directory service (LDAP) that would resolve e-mail addresses to certificates ... And clients would need to be (automatically?) configured to do lookups in it.

--
I am the dog in dogfood