Re: A brief comparison of email encryption protocols

[Derek Atkins <warlord@MIT.EDU>]

> I think it would be valuable if signature formats specified not only
> an arbitrary key-id but a DNSable string or URL to retrieve the
> certificate responsible for the signature. One of the things we've
> learned from PGP is the difficulty of dealing with random numbers as
> key ids. In this, I'm not sure we shouldn't be including better lookup
> mechanisms. This is not to say that meaning should be assigned to a
> lookup string beyond its saying where to find the key.

This is something that I've spoken to Phil about at length, and I've
been trying to devise solutions.  The problem is how to offset the
"hint" and the size of the signature.  You want the signature to
contain some informatin that hints at the location of the key.  On the
other hand, you dont want to bloat the signature in doing this.

So, there needs to be a compromise, some shorthand method to describe
the hint.  One solution is to provide a "keyserver" type and then some
string that says which "keyserver" to use.  For example, if there is a
DNS-style keyserver deplyed, I could put '1,"mit.edu"' in all my
signatures, if we assume that '1' is the DNS-style keyserver code.

I'm sure there are other possible solutions as well, and any real
suggestions are welcome.

-derek