[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: A web of directories - Finding PKIX Servers

To: <marcj@xxxxxxxxxxxxxx>, <ietf-pkix@xxxxxxx>
Subject: Re: A web of directories - Finding PKIX Servers
From: "Bob Jueneman" <BJUENEMAN@xxxxxxxxxx>
Date: Thu, 04 Mar 1999 11:48:24 -0700
List-archive: <http://www.imc.org/ietf-pkix/mail-archive/>
List-unsubscribe: <mailto:ietf-pkix-request@imc.org?body=unsubscribe>
Sender: owner-ietf-pkix@xxxxxxx

No, not really.  As I've said before, e-mail is NOT the only 
way of communicating either signed or encrypted documents,
or even certificates, and I am trying to come up with a 
method that would be universal.

In addition, if he sends you a signed message, that may only include
the certificate for his signature key, and not his encryption key.
and it is even less likely to include additional certificates for RSA,
DH/DSS, elliptic curves, etc.

FYI, a recent RFC has been posted that would allow S/MIME to 
describe their crypto capabilities in a directory entry.

Bob

>>> Marc Jadoul <marcj@globalsign.net> 03/04/99 11:05AM >>>
Hi,

I really find acceptable to send an email to the person i want to
contact and wait for his signed reply. Don't you ?

I do not know how s/mime work, but it seems also the only way to know if
the program he use is able to do strong crypto or even negotiate other
need parameter to initiate a secure communication. Isn't it ?

Marc Jadoul

Prev by Date: RE: OCSP Service Locator and RFC2459's Authority InformationAccess
Next by Date: Re: Qualified Certificates draft - Country name
Previous by thread: Re: A web of directories - Finding PKIX Servers
Next by thread: Re: PKIX Path determination/construction/processing andAKIpointer hanging
Index(es):
- Date
- Thread