Hi John. I didn’t mean to misrepresent what you said. I was simply trying to simplify the argument. I’m sorry if I got it wrong. How would you rephrase it?
Both the DOD and the USG Civilian CA hierarchies work pretty well. Apple’s works exceptionally well, but for reasons that aren’t clear to me, they don’t make it easy for non-Apple users to obtain Apple end-user certificates. I think that DANE, and in particular SMIMEA, promises to be a much better mechanism for distributing these certificates than LDAP has proven to be.

I am in agreement with you that the document assumes that domains are the authorities of the identities of their users. I concur that the document should explicitly state this.

Email addresses have become an identifier that is in many ways superior to other identifiers, such as SSNs and Driver License #s, because they can be proved by an individual’s ability to receive email at a specific address. For the same reason, mobile telephone numbers are also quickly becoming persistent identifiers. Email addresses have an advantage over mobile telephone numbers in that there are more of them and they are easily changed as necessary.

Would you support advancing the draft if this assumption is explicitly stated?

Simson

> On Nov 21, 2016, at 9:58 AM, John Levine <[email protected]> wrote:
>
> Hi, Simson.
>
>> To summarize the answer I received, there was concern that some email users
>> might be using a legacy email account, not trust
>> their mail provider, and want the assurance of an end-to-end encryption that
>> is asserted by a trustworthy CA.
>
> That's not really what I said. If you're going to quote me, please quote me.
>
>> I’ve thought about this response over the weekend and do not find it
>> credible. This answer presupposes a CA system that is
>> not the one that we have. Most CA S/MIME providers authenticate users based
>> on their ability to receive email at a given
>> address. So a hostile email provider intent on intercepting encrypted email
>> could easily spoof even a trusted CA provider
>> into issuing a bogus certificate.
>
> I certainly wouldn't disagree that the current public CA system is
> screwed up. On the other hand, there are non-public or semi-public
> CAs that seem to work OK, like the DOD's. This is throwing out the
> baby with the bathwater.
>
> But in any event, to return to my original objection, it seems quite
> clear that the assumption in this document is that domains are
> authorities for the identities of their users. It should say that in
> so many words rather than dancing around it.
>
> R's,
> John

_______________________________________________
dane mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dane
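The SMIMEA certificate-distribution mechanism that the message above contrasts with LDAP, shown as an added illustration that is not code from this thread, from the draft under discussion, or from any IETF implementation. The owner-name construction and the usage/selector/matching-type fields follow RFC 8162; the function names and the `SmimeaRecord` class are this example's own, the certificate bytes are a constructed placeholder rather than real DER, and the DNS query plus the DNSSEC validation a real client must perform before trusting the record are left out. The example shows both sides of the exchange: what the domain operator publishes for an address, and what a sending client checks when it is handed a certificate for that address.

```python
import hashlib
import hmac
from dataclasses import dataclass
from typing import Optional

# Assumption (RFC 8162): the owner name is SHA-256 of the UTF-8 local-part,
# truncated to 28 octets, as lowercase hex, then "._smimecert." and the domain.
# The local-part is hashed as given; the domain is case-insensitive.

def smimea_owner_name(email: str) -> str:
    """DNS owner name at which the SMIMEA record(s) for `email` are published."""
    local, sep, domain = email.rpartition("@")
    if not sep or not local or not domain:
        raise ValueError("expected an address of the form local-part@domain")
    digest = hashlib.sha256(local.encode("utf-8")).digest()[:28]
    return f"{digest.hex()}._smimecert.{domain.lower()}"


@dataclass(frozen=True)
class SmimeaRecord:
    owner: str
    usage: int          # 0-3, same semantics as the TLSA certificate-usage field
    selector: int       # 0 = full certificate, 1 = SubjectPublicKeyInfo only
    matching_type: int  # 0 = exact bytes, 1 = SHA-256, 2 = SHA-512
    data: bytes

    def presentation(self) -> str:
        """Zone-file style line with the association data hex-encoded."""
        return (f"{self.owner}. IN SMIMEA {self.usage} {self.selector} "
                f"{self.matching_type} {self.data.hex()}")


def _association_data(selector: int, matching_type: int,
                      cert_der: bytes, spki_der: Optional[bytes]) -> bytes:
    """Apply selector and matching type to a certificate to get the RDATA payload."""
    if selector == 0:
        subject = cert_der
    elif selector == 1:
        if spki_der is None:
            raise ValueError("selector 1 needs the certificate's SubjectPublicKeyInfo")
        subject = spki_der
    else:
        raise ValueError(f"unknown selector {selector}")
    if matching_type == 0:
        return subject
    if matching_type == 1:
        return hashlib.sha256(subject).digest()
    if matching_type == 2:
        return hashlib.sha512(subject).digest()
    raise ValueError(f"unknown matching type {matching_type}")


def publish_record(email: str, cert_der: bytes, *, usage: int = 3, selector: int = 0,
                   matching_type: int = 1, spki_der: Optional[bytes] = None) -> SmimeaRecord:
    """Domain-operator side: the record that binds this address to this certificate.

    usage 3 (DANE-EE) means the record itself is the trust anchor for the
    end-entity certificate, so no external CA is consulted at all."""
    return SmimeaRecord(owner=smimea_owner_name(email), usage=usage, selector=selector,
                        matching_type=matching_type,
                        data=_association_data(selector, matching_type, cert_der, spki_der))


def certificate_matches(record: SmimeaRecord, email: str, cert_der: bytes,
                        spki_der: Optional[bytes] = None) -> bool:
    """Sending-client side: the record must come from the owner name derived from
    the recipient address, and the presented certificate must match its data.
    (A real client must also have DNSSEC-validated the record before calling this.)"""
    if record.owner != smimea_owner_name(email):
        return False
    expected = _association_data(record.selector, record.matching_type, cert_der, spki_der)
    return hmac.compare_digest(expected, record.data)


# Constructed placeholder standing in for a DER-encoded S/MIME certificate.
SAMPLE_CERT_DER = b"constructed-placeholder-for-a-DER-encoded-S/MIME-certificate"

if __name__ == "__main__":
    rec = publish_record("hugh@example.com", SAMPLE_CERT_DER)
    print(rec.presentation())
    print("presented cert matches:", certificate_matches(rec, "hugh@example.com", SAMPLE_CERT_DER))
    print("tampered cert matches: ", certificate_matches(rec, "hugh@example.com", SAMPLE_CERT_DER + b"x"))
```

The owner-name check matters as much as the hash comparison: a record that verifies against a certificate but was fetched from a name not derived from the recipient's address says nothing about that recipient, and the same record published for `hugh@example.com` must not be accepted for `hugh@example.org`.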
