1996-02-29 - Re: A brief comparison of email encryption protocols
Header Data
From: cme@cybercash.com (Carl Ellison)
To: Laurence Lundblade <lgl@qualcomm.com>
Message Hash: 8b416efdad957405c8aaca5e797c23dbf4418f964ae1dec09f3ed9d5f5ca28f9
Message ID: <v02140b16ad5baae32dfc@[204.254.34.231]>
Reply To: N/A
UTC Datetime: 1996-02-29 22:20:00 UTC
Raw Date: Fri, 1 Mar 1996 06:20:00 +0800
Raw message
From: cme@cybercash.com (Carl Ellison)
Date: Fri, 1 Mar 1996 06:20:00 +0800
To: Laurence Lundblade <lgl@qualcomm.com>
Subject: Re: A brief comparison of email encryption protocols
Message-ID: <v02140b16ad5baae32dfc@[204.254.34.231]>
MIME-Version: 1.0
Content-Type: text/plain
At 12:01 2/29/96, Laurence Lundblade wrote:
>
>Isn't using a hash as the identifier replicating the key distribution
>problem that PGP has or are you including some other data that can be used
>to look up the cert? I think a problem occurs when you have 20 billion of
>these certs (two for every person in the year 2010 or such). A simple hash
>into a table isn't going to cut it because you a single database (with
>replication?) isn't going to be possible. Some hierarchical lookup like
>DNS is going to be needed. The look ups are needed to check for revocation.
Our current straw-man http://www.clark.net/pub/cme/html/cert.html
uses the following to identify a key within a certificate:
KEY_ID ::= <hash of public key>
[<nickname chosen by the owner>]
[<URL of the full key>]
It is assumed that the key is in a cache at the verifier. The verifier can
add it to his cache by having it sent to him directly, by fetching it
via the URL (if present), or through some other means.
One of my co-workers [Donald Eastlake] is proposing distribution of keys
via the DNS and that sounds fine, too.
We weren't tying the distribution problem to the certificate problem.
They really are separate.
Revocation is a separate problem. My personal preference [quite seriously]
is not to allow for revocation -- rather to issue certificates with a
validity only long enough to get the job done but not so long that you'd
be seriously damaged by having an invalid cert honored. There's no way to
get 100%, immediate validation [by non-existence on a revocation list].
For more words on this subject, see cert.html.
If one really needs CRL checking, I'd recommend including a URL for the
Issuer's own revocation list as a field in the cert.
- Carl
+--------------------------------------------------------------------------+
|Carl M. Ellison cme@cybercash.com http://www.clark.net/pub/cme |
|CyberCash, Inc., Suite 430 http://www.cybercash.com/ |
|2100 Reston Parkway PGP 2.6.2: 61E2DE7FCB9D7984E9C8048BA63221A2 |
|Reston, VA 22091 Tel: (703) 620-4200 |
+--------------------------------------------------------------------------+
Thread
- Return to February 1996
Return to March 1996
- Return to “cme@cybercash.com (Carl Ellison)”
- Return to “Derek Atkins <warlord@MIT.EDU>”
Return to ““Perry E. Metzger” <perry@piermont.com>”
- 1996-02-29 (Fri, 1 Mar 1996 06:20:00 +0800) - Re: A brief comparison of email encryption protocols - cme@cybercash.com (Carl Ellison)
- 1996-02-29 (Fri, 1 Mar 1996 07:49:02 +0800) - Re: A brief comparison of email encryption protocols - “Perry E. Metzger” <perry@piermont.com>
- 1996-03-03 (Mon, 4 Mar 1996 02:06:16 +0800) - Re: A brief comparison of email encryption protocols - Derek Atkins <warlord@MIT.EDU>
- 1996-02-29 (Fri, 1 Mar 1996 07:49:02 +0800) - Re: A brief comparison of email encryption protocols - “Perry E. Metzger” <perry@piermont.com>