[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: sender-auth and ira

To: "'Housley, Russ'" <rhousley@xxxxxxxxxxxxxxx>, Peter Sylvester <Peter.Sylvester@xxxxxxxxxx>
Subject: RE: sender-auth and ira
From: "Hallam-Baker, Phillip" <pbaker@xxxxxxxxxxxx>
Date: Fri, 26 Oct 2001 11:47:35 -0700
Cc: ietf-smime@xxxxxxx
List-archive: <http://www.imc.org/ietf-smime/mail-archive/>
List-id: <ietf-smime.imc.org>
List-unsubscribe: <mailto:ietf-smime-request@imc.org?body=unsubscribe>
Sender: owner-ietf-smime@xxxxxxxxxxxx

Oh yeah the BCC to boss strategy...


To: Fred
BCC: Fred's Boss

Fred,
	I completely understand your situation with the possible loss of the
very big important customer account after your unfortunate presentation.
Please let me know if there is anything I can do to help you rectify the
situation.
		Mallet.


Phillip Hallam-Baker FBCS C.Eng.
Principal Scientist
VeriSign Inc.
pbaker@xxxxxxxxxxxx
781 245 6996 x227


> -----Original Message-----
> From: Housley, Russ [mailto:rhousley@xxxxxxxxxxxxxxx]
> Sent: Friday, October 26, 2001 2:21 PM
> To: Peter Sylvester
> Cc: ietf-smime@xxxxxxx
> Subject: Re: sender-auth and ira
> 
> 
> 
> Peter:
> 
> > > The whole point of BCC recipients is to keep their 
> identities from other
> > > recipients.  If you are going to list them, then they are readily
> > > exposed.  I do not think that we should introduce this leak.
> >
> >Isn't this leak is somewhat similar to the possibility of having
> >one encryption envelope with all addresses in it?
> 
> Yes.  That is why the update to the MSG specification should 
> address BCC in 
> the contect of EnvelopedData.
> 
> Russ
>

Attachment: Phillip Hallam-Baker (E-mail).vcf
Description: Binary data

Prev by Date: Re: sender-auth and ira
Next by Date: x400transport and x400wrap
Previous by thread: Re: sender-auth and ira
Next by thread: x400transport and x400wrap
Index(es):
- Date
- Thread