Anders Rundgren wrote, On 2008-11-22 08:33:
> I want each organization/domain entity that can afford an SSL certificate
> to become a virtual CA and run their own secure messaging center.

Why SSL certs? Why not email certs? Is it because you think that a secured IM service would be based on SSL? CMS is a MUCH better choice for secure IM than SSL, for many reasons. Here's just one of them: CMS is amenable to store-and-forward communications, SSL is not. If the peer to whom you're trying to send the encrypted IM is not online at the time you send it, it's trivial to turn it into an S/MIME email and mail it to him, so he gets it when he goes online.

> Based on the SSL certificate they can use whatever issuance policies they
> feel comfortable with as long as they keep inside of their "PKI sandbox"
> which is (by the not yet defined application), constrained regarding
> subject naming-schemes.
>
> This is BTW, how I believe secure e-mail should have been from the
> beginning; secured at the domain-level. Although that doesn't
> technically stop people from sending out viruses, spam, or similar, it at
> least makes it much less attractive because the domain owner would
> terminate you if it gets too many complaints.

What about all the inherent risks of having an ISP be a CA? An ISP is in a uniquely good position to be an MITM, especially if it issues the certs used to authenticate keys for its subscribers.

The IM service I mentioned before allows users to use certs from any CA. Each user's client decides which certs are acceptable, not the service. That facilitates communication between people world wide. Out of the box, those clients trust all of the CAs known to NSS. They don't supply any UI with which to manage the set of trusted CA certs, but their cert DBs are ordinary NSS cert DBs and anyone who knows how to edit a cert DB with certutil or even Firefox can ...

BTW, I'm not trying to promote a particular service. I just happen to think they did a really good job, and the way they secured their IMs and file transfer seems exemplary. I'd encourage any other service to emulate that aspect of their service.
_______________________________________________
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
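The store-and-forward property argued for above, shown with the OpenSSL command line as an added example that is not part of the thread: the sender needs only the recipient's certificate, and the resulting CMS envelope is inert data that can sit in a queue (or be mailed as S/MIME) until the recipient comes online to decrypt it. It assumes the `openssl` CLI is installed; the recipient name "bob", the working directory and the message text are constructed for the demo.

```shell
#!/bin/sh
# Added example: CMS store-and-forward with OpenSSL (assumes the openssl CLI).
set -e

WORK="${WORK:-$(mktemp -d)}"

# Recipient generates a key pair once and publishes the certificate.
# (Self-signed here only so the demo runs offline; the thread's point is
# that the client, not the service, decides which issuers to trust.)
make_identity() {                       # $1 = recipient name
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 \
        -subj "/CN=$1" \
        -keyout "$WORK/$1.key" -out "$WORK/$1.crt" 2>/dev/null
}

# Sender encrypts to the recipient's certificate only; no live session with
# the recipient is required, unlike SSL/TLS.
cms_encrypt() {                         # $1 = recipient, $2 = plaintext, $3 = envelope
    openssl cms -encrypt -aes256 -outform PEM \
        -in "$2" -out "$3" "$WORK/$1.crt"
}

# Recipient opens the envelope whenever they come online, with their private key.
cms_decrypt() {                         # $1 = recipient, $2 = envelope
    openssl cms -decrypt -inform PEM -in "$2" \
        -recip "$WORK/$1.crt" -inkey "$WORK/$1.key"
}

# End-to-end run; prints the recovered plaintext.
demo_store_and_forward() {
    make_identity bob
    printf 'meet at 10' > "$WORK/msg.txt"
    cms_encrypt bob "$WORK/msg.txt" "$WORK/msg.p7m"
    # "$WORK/msg.p7m" could now be queued or wrapped in an S/MIME mail;
    # nothing about it depends on Bob being reachable right now.
    cms_decrypt bob "$WORK/msg.p7m"
}

demo_store_and_forward
```

Dropping `-outform PEM` from `cms_encrypt` yields the default S/MIME output, which is the mailable form the message describes.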