Re: A brief comparison of email encryption protocols
Carl Ellison writes:
> We weren't tying the distribution problem to the certificate problem.
> They really are separate.
I'm not entirely sure.
I think it would be valuable if signature formats specified not only
an arbitrary key-id but a DNSable string or URL to retrieve the
certificate responsible for the signature. One of the things we've
learned from PGP is the difficulty of dealing with random numbers as
key ids. In this, I'm not sure we shouldn't be including better lookup
mechanisms. This is not to say that meaning should be assigned to a
lookup string beyond its saying where to find the key.
Perry
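
The lookup idea in the message above, sketched as an added example that is not part of the original post: a signature carries a key id plus a locator, and the verifier uses the locator only to find a certificate, accepting it only if it matches the key id. The header layout (`keyid=...; locator=...`), the SHA-256 key id, the allowed scheme and the in-memory store standing in for a network fetch are all assumptions made for illustration.

```python
import hashlib
from urllib.parse import urlsplit

# Constructed sample data: locator -> certificate bytes (stands in for a fetch).
CONSTRUCTED_STORE = {
    "https://keys.example.org/signer-a.cert": b"constructed certificate for signer A",
    "https://keys.example.net/signer-b.cert": b"constructed certificate for signer B",
}
ALLOWED_SCHEMES = {"https"}  # assumption: only URL locators are handled here


def key_id(cert: bytes) -> str:
    """Hypothetical key id: hex SHA-256 over the certificate bytes."""
    return hashlib.sha256(cert).hexdigest()


def parse_signature_header(header: str) -> dict:
    """Parse 'keyid=<hex>; locator=<url>' (hypothetical field layout)."""
    fields = {}
    for part in header.split(";"):
        name, sep, value = part.strip().partition("=")
        if sep:
            fields[name.lower()] = value.strip()
    if "keyid" not in fields:
        raise ValueError("signature header carries no key id")
    return fields


def locate_certificate(header: str, fetch=CONSTRUCTED_STORE.get):
    """Return the certificate for the header's key id, or None if not found.

    The locator is treated purely as a hint about where to look; whatever
    it returns is accepted only when it hashes to the stated key id.
    """
    fields = parse_signature_header(header)
    locator = fields.get("locator")
    if locator is None:
        return None  # bare key id: the verifier has nowhere to look
    if urlsplit(locator).scheme not in ALLOWED_SCHEMES:
        raise ValueError("unsupported locator scheme")
    cert = fetch(locator)
    if cert is None:
        return None
    if key_id(cert) != fields["keyid"].lower():
        raise ValueError("certificate at locator does not match key id")
    return cert
```
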