Signed Receipts and Mail Lists

Graeme Lunt <Graeme.Lunt@nexor.co.uk> Tue, 24 June 2003 15:22 UTC

Reply-To: "g.lunt" <Graeme.Lunt@nexor.co.uk>
From: Graeme Lunt <Graeme.Lunt@nexor.co.uk>
To: ietf-smime <ietf-smime@imc.org>
Subject: Signed Receipts and Mail Lists
Date: Tue, 24 Jun 2003 14:39:46 +0100
Organization: Nexor
Message-ID: <001301c33a56$13ca7660$d2353fc1@nexor.co.uk>

Hi,

We have recently encountered an issue when trying to correlate signed
receipts when using mail lists.

Issue:

When an MLA supports multiple lists using a single public/private key
pair, it appears that there is insufficient information within a signed
receipt generated by the MLA to determine to which recipient the signed
receipt relates.

Take the case where a message is sent to two recipients, R1 and R2, and
the user makes an "all" signed receipt request.

R1 is actually a Mail List supported by an MLA using a single
public/private key pair, MLA1.

MLA1 receives the message for R1, expands the list, and sends a signed
receipt "on behalf of" R1 back to the originator.

The originator can identify the message to which the signed receipt
relates (from the signedContentIdentifier) but not the recipient as the
signature on the receipt is from MLA1. There is no way to relate this
receipt to either R1 or R2.

Possible resolution:

One way to resolve this problem would be to add an extension to the
Receipt syntax to include

   ....
   receiptFrom GeneralNames OPTIONAL
}

This field would allow the indication of whom the signed receipt was
sent from and consequently correlation with the original recipient list.
This also allows other scenarios where a third party may acknowledge
receipt for a given recipient, for example an assistant reading a
manager's mail.

This functionality is comparable to that of the "IPM Intended Recipient"
field of an X.400 IPN.

Also, if considering changing the Receipt structure it may be worthwhile
adding an extension bucket at the same time (or even to support
receiptFrom).

Am I missing something?

Graeme
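
Added example, not part of the original post: a Python model of the originator-side correlation described above, showing that a receipt signed by MLA1 matches neither R1 nor R2 and that a receiptFrom value resolves it. Assumptions of this example: receiptFrom is modelled as a single address rather than GeneralNames, and the delegates policy, the addresses and the content identifier are made up.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Receipt:
    signed_content_identifier: bytes    # real RFC 2634 Receipt field
    signer: str                         # identity whose key verified the receipt
    receipt_from: Optional[str] = None  # proposed field, modelled as one address

class ReceiptTracker:
    def __init__(self, delegates=None):
        self.pending = {}                 # content id -> recipients still owing a receipt
        self.delegates = delegates or {}  # assumed local policy: signer -> recipients it may answer for

    def sent(self, content_id, recipients):
        self.pending[content_id] = set(recipients)

    def correlate(self, r):
        """Return the recipient a verified receipt accounts for, or None."""
        owing = self.pending.get(r.signed_content_identifier)
        if owing is None:
            return None                   # receipt for a message we did not send
        who = r.receipt_from or r.signer
        # receiptFrom is only a claim by the signer; accept it when the signer
        # is the recipient itself or is allowed to answer for that recipient.
        if who != r.signer and who not in self.delegates.get(r.signer, ()):
            return None
        if who not in owing:
            return None                   # signer matches no listed recipient
        owing.discard(who)
        return who

def demo():
    # Constructed sample data: addresses and content identifier are made up.
    cid = b"msg-0001"
    t = ReceiptTracker(delegates={"mla1@example.com": {"r1-list@example.com"}})
    t.sent(cid, ["r1-list@example.com", "r2@example.com"])
    today = t.correlate(Receipt(cid, "mla1@example.com"))
    unauthorised = t.correlate(Receipt(cid, "mla1@example.com", "r2@example.com"))
    proposed = t.correlate(Receipt(cid, "mla1@example.com", "r1-list@example.com"))
    direct = t.correlate(Receipt(cid, "r2@example.com"))
    return today, unauthorised, proposed, direct, sorted(t.pending[cid])

if __name__ == "__main__":
    print(demo())
```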