From: “Perry E. Metzger” <perry@piermont.com>
To: cme@cybercash.com (Carl Ellison)
Message Hash: 0ad0364d8be4ec7caadb6112f8fb83878dc62d262c1a0814951930671d77b506
Message ID: <199602292001.PAA18761@jekyll.piermont.com>
Reply To: <v02140b16ad5baae32dfc@[204.254.34.231]>
UTC Datetime: 1996-02-29 23:49:02 UTC
Raw Date: Fri, 1 Mar 1996 07:49:02 +0800
From: "Perry E. Metzger" <perry@piermont.com>
Date: Fri, 1 Mar 1996 07:49:02 +0800
To: cme@cybercash.com (Carl Ellison)
Subject: Re: A brief comparison of email encryption protocols
In-Reply-To: <v02140b16ad5baae32dfc@[204.254.34.231]>
Message-ID: <199602292001.PAA18761@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain
Carl Ellison writes:
> We weren't tying the distribution problem to the certificate problem.
> They really are separate.
I'm not entirely sure.
I think it would be valuable if signature formats specified not only
an arbitrary key-id but a DNSable string or URL to retrieve the
certificate responsible for the signature. One of the things we've
learned from PGP is the difficulty of dealing with random numbers as
key ids. In this, I'm not sure we shouldn't be including better lookup
mechanisms. This is not to say that meaning should be assigned to a
lookup string beyond its saying where to find the key.
Perry
Return to March 1996
Return to ““Perry E. Metzger” <perry@piermont.com>”