Ian, For me at least secure messaging means authenticated messaging as well. Here is the current Firefox solution to certificate distribution. http://demo.webpki.org/mozkeygen
I don't know what Eddy and Jabber intends to do but it must be something similar. Anders ----- Original Message ----- From: "Ian G" <[EMAIL PROTECTED]> To: "mozilla's crypto code discussion list" <dev-tech-crypto@lists.mozilla.org> Sent: Saturday, November 22, 2008 17:54 Subject: Re: Creating a Global User-level CA/Trust Infrastructurefor SecureMessaging Anders Rundgren wrote: > Ian, > I hope you don't mind but I limit my response to a single core topic. :) >> So from this, I gather you want: scalability + distribution. > > Absolutely. > >> Do you want no center(s) at all? > > I want each organization/domain entity that can afford an SSL certificate to > become a virtual CA and run their own secure messaging center. Based on > the SSL certificate they can use whatever issuance policies they feel > comfortable > with as long as they keep inside of their "PKI sandbox" which is (by the not > yet defined application), constrained regarding subject naming-schemes. OK, so if we intersect that with my interests (how to add chat to Tbird) then the idea might be to write: a Tbird plugin CA with some limited functionality: receive requests with keys over email issue cert over key from a superior cert, if in domain distro the cert (over email?) to the identities a Tbird plugin chat client that: creates a key sends and receives the request/cert sends out and receives chat messages. Hmmm... Needs work :) I wonder if we wouldn't just be better off doing something like writing a chat client that creates and uses its keys, but leaves them "unathenticated"? Trying to get all that theoretical authentication going seems beyond the effort most people will expend in order to just chat. > This is BTW, how I believe secure e-mail should have been from the beginning; > secured at the domain-level. Although that doesn't technically stop people > from > sending out viruses, spam, or similar, it at least makes it much less > attractive because > the domain owner would terminate you if it get too many complaints. Currently > ISPs typically do not even authenticate SMTP requests, since there is no > point, > because you can "reuse" whatever domain you want and most of the time the > mails > get through. How would the domain owner terminate you? The problem with spam is that even if only a few still get through, it works. It would seem that this idea would rest on every other mail server in the world behaving nicely, which isn't reality in the mail world. For my vision of how secure e-mail could work: the Tbird creates a key, self-signs it, turns on digsiging + key distro always, and starts sending encrypted email as soon as it has your key. Of course, this is unauthenticated. So an additional optional extra for the concerned user is to click a button, select a CA, and go off and turn the self-signed cert into a CA-signed cert. If so desired. Just my thoughts. iang _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto