[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: The purpose of this mailing list

To: I.Brown@xxxxxxxxxxxx, cbreed@xxxxxxx, ietf-open-pgp@xxxxxxx
Subject: Re: The purpose of this mailing list
From: "William H. Geiger III" <whgiii@xxxxxxxxxx>
Date: Mon, 15 Sep 97 11:50:24 -0400
Sender: owner-ietf-open-pgp@xxxxxxx

-----BEGIN PGP SIGNED MESSAGE-----

In <t53iuw2k1u4.fsf@xxxxxxxxxxxxxxxx>, on 09/15/97 
   at 11:56 AM, Marc Horowitz <marc@xxxxxxxxxx> said:

>Jon Callas <jon@xxxxxxx> writes:

>>> The biggest advantage of a PGP cert has is the way that it is "agile" as
>>> I've heard some people call it. If you want to look at how you fit PGP into
>>> a world that thinks names are important, you can use an email address as a
>>> DN. If you want to use PGP in a name where keys are important, use the
>>> fingerprint (or key proper) as a DN. No biggie. In fact, one of the central
>>> points of the way the web of trust is organized relates directly to
>>> resolving this apparent dichotomy. The PGP software, since its earliest
>>> days, manages this apparent dichotomy. The beauty of PGP as a PKI is that
>>> it can easily bridge an X.509-like, name-centric world to a SPKI-like,
>>> key-centric world.

>I see one problem with this approach, and that is in looking up keys. If
>we use the email address as the DN, then DNS will make an excellent
>mechanism for looking up keys.  Of course, email addresses have certain
>problems as DN's, as Carl will point out of I don't.  If we think of the
>key as the DN, then we avoid those problems, but create a different one:
>given a signature, how do I find the key to use to verify it?  Past
>solutions are to carry certs around within every message, which is
>inefficient, or to have a global index, which doesn't scale.

>We need to solve this problem.  One option which comes to mind is to
>include a "domain name" for the a pgp cert RR with the message instead of
>the cert itself; this does not need to be signed, as the message
>verification will fail if it is modified.  Unfortunately, this has the
>problem that cert domain names may change or go away, making verification
>in the future difficult unless a long-term cert cache is kept near the
>message.

I see some serious problems with using the DNS for key lookups &
distribution.

- -- What do we do with keys than do not have a "domain"?

- -- What do we do with sites that do not wish to manage PGP keys?
(currently the PKI is being done on a volentary basis).

- -- How do we solve the problem of redundance? ie where are the backups?

- -- How do we handle keys that cover multiple domains?

- -- What do we do about domains where PGP is illegal?? (Russia, France,
China, Cuba, ...)



- -- 
- ---------------------------------------------------------------
William H. Geiger III  http://www.amaranth.com/~whgiii
Geiger Consulting    Cooking With Warp 4.0

Author of E-Secure - PGP Front End for MR/2 Ice
PGP & MR/2 the only way for secure e-mail.
OS/2 PGP 2.6.3a at: http://www.amaranth.com/~whgiii/pgpmr2.html                        
- ---------------------------------------------------------------

-----BEGIN PGP SIGNATURE-----
Version: 2.6.3a
Charset: cp850
Comment: Registered_User_E-Secure_v1.1b1_ES000000

iQCVAwUBNB1bEo9Co1n+aLhhAQGv+gP8CsEVDjHJ/4g40xaRhJqbj0Gfq8CONR9B
czQW5UlrSy9cEZb7ltJxtzH6Sjg/QdPnktw52VBWPNvn3PsvL6+BYUUIgq5D0GRm
TWxYmALUXyymGmtWvprdNwunXgF2mOlVsXMavwOxVv50LbwVCMW5DrzPJ9hsvLFM
C/sXusZytlY=
=OsFt
-----END PGP SIGNATURE-----

Follow-Ups:
- Re: The purpose of this mailing list
  - From: Marc Horowitz

Prev by Date: Re: The purpose of this mailing list
Next by Date: Re: The purpose of this mailing list
Previous by thread: Re: The purpose of this mailing list
Next by thread: Re: The purpose of this mailing list
Index(es):
- Date
- Thread