[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
"Perry E. Metzger": Re: A brief comparison of email encryption protocols
Some discussion from cypherpunks seems to have started to touch on
SPKI issues so I thought I would forward a bit of it.
------- Forwarded Message
To: firstname.lastname@example.org (Carl Ellison)
cc: Derek Atkins <email@example.com>, firstname.lastname@example.org,
Laurence Lundblade <email@example.com>, Cypherpunks@toad.com
Subject: Re: A brief comparison of email encryption protocols
In-reply-to: Your message of "Thu, 29 Feb 1996 16:22:50 EST."
Date: Thu, 29 Feb 1996 16:35:25 -0500
From: "Perry E. Metzger" <firstname.lastname@example.org>
Carl Ellison writes:
> At 15:54 2/29/96, Derek Atkins wrote:
> >So, there needs to be a compromise, some shorthand method to describe
> >the hint. One solution is to provide a "keyserver" type and then some
> >string that says which "keyserver" to use. For example, if there is a
> >DNS-style keyserver deplyed, I could put '1,"mit.edu"' in all my
> >signatures, if we assume that '1' is the DNS-style keyserver code.
> >I'm sure there are other possible solutions as well, and any real
> >suggestions are welcome.
> is a URL just too big? My sigs are already several lines long. E.g.,
> Key: ftp://ftp.clark.net/pub/cme/cme.asc
URLs are nice, but I'm not quite sure they are sufficient in practice,
though they are certainly theoretically sufficient. If I get a
document from someone, and it is signed, I'd like to be able to get
the key associated with the signature, and the URL is in theory enough
to do that. However, going in the opposite direction -- retrieving a
key associated with, say, a remote host's TELNET server, I'd like to
be able to query a server ask much more flexible questions than an FTP
URL would let me ask -- I might have a prefered public key system (RSA
versus DSS or what have you), I might want to be able to distinguish
between versions of the key, I might want to ask for all keys of a
certain class, etc.
In the end, we are probably going to need something in the way of key
servers, which may (or may not) imply either a new type of URL or
something other than a URL to do retrieval off of.
------- End of Forwarded Message