Re: carrying certificates

Housley, Russ (housley@spyrus.com)
Tue, 05 Mar 96 14:21:34

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Housley, Russ: "Re[2]: States and the 8 bit dilemma"
Previous message: Nicolls, J. Weston: "Re: MIME with MSP comments"

Derek:

>> Where is the certificate  associated with the signature carried?  I would 
>> like the originator to be able to include her certificate in the signed 
>> multipart.
>
> It is out of band.  If you need to get the key of the signatory, you
> look it up in a directory or ask the sender for it.  PGP does not
> have in-band key certificates.  This is considered a feature.

I think it would be better if there were a location to optionally carry a 
certificate.  I can see that bandwidth is reduced if you know that the 
recipient can easily obtain the certificate from a directory or cache.  
However, there are many environments where directory access is unavailable.

Russ

Next message: Housley, Russ: "Re[2]: States and the 8 bit dilemma"
Previous message: Nicolls, J. Weston: "Re: MIME with MSP comments"