Re: Aliases (Re-sent)

["Perry E. Metzger" <perry@piermont.com>]

[I'd like to ask that replies to this be sent only to the spki mailing
list or the pkix mailing list; we don't need a cross list flame war.]

Joe Tardo writes:
> I have a question for one of the advocates of using "internet" email
> addresses in lieu of distinguished names.
> 
> Is cme@acm.org (cf: Carl's web page) REALLY cme@cybercash.com (cf: Carl's
> posting to this list)?  If so, where would I go to look up the alias
> certificate?  Will it be in one of dee@cybercash.com's signed dns entries?
> 
> I think not.

I don't think there is much of a reason for there to *be* a
certificate saying one is an alias of the other. I don't see that
there would be any real application for such a thing. If I want to
send mail to one or the other, I care only that I have the right key
for the person at the other end. If they are the same key or two
different keys doesn't matter much -- I anticipate in any case people
may have dozens if not hundreds of private keys on their
(automatically maintained) keyrings. If I need to know that both of
those entities are the same, I could get certification of that by
another mechanism -- say, someone sending me a certificatation signed
in both private keys saying that they are the same entity or some
such.

> I just ordered my own acm alias, not only because everybody seems to have
> one, but also to take advantage of the competitive ISP situation.  Besides,
> it's cheap. Now, where do I go to get my alias certificate?

Why do you need one?

Perry

---

References:

• Aliases (Re-sent)
• From: Joe Tardo <tardo@raptor.com>

---

• Prev by Date: Re: owner-spki@c2.org, ietf-pkix@tandem.com
• Next by Date: CRLs versus short Validity periods
• Prev by thread: Aliases (Re-sent)
• Next by thread: Re: Aliases (Re-sent)
• Index(es):
  • Main
  • Thread