Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!asuvax!ncar!zaphod.mps.ohio-state.edu!usc!apple!agate!ucbvax!VAX1.UMKC.EDU!PH461A04 From: PH461A04@VAX1.UMKC.EDU (Guerra de Bureau) Newsgroups: comp.protocols.tcp-ip Subject: Certified Mail Systems... Message-ID: Date: 24 Feb 91 23:30:00 GMT Sender: daemon@ucbvax.BERKELEY.EDU Organization: The Internet Lines: 29 Regarding a protocol for SMTP certified mail, can anyone suggest why the following procedure would not work?? 1) Local mail system encrypts mail with time-varying key 2) Local system forwards mail to remote system 3) Remote system delivers (encrypted) mail to designated user 4) Designated user requests key from remote system 5) Remote system requests key from local system 6) Local system indicates to message originator that message has been received and key requested. 7) Local forwards key to remote 8) If remote system does note recieve key withing (x) units, repeats request for (y) tries before informing recipient key unavailable 9) Remote delievers key to remote user/unencrypts original message The only failure that I see is if a) the remote system requests the key from the local system; b) the local system acknowledges the request, and c) the anknowlegment(key) never gets back to the remote, and finally d) the remote is not able to re-request the key within the designated time frame. Given the increasing network reliability and the decreasing network transfer time and a sufficient number of retries/length of time before discard this system would seem fairly secure. Any problems?? Jonathan E. Oberg ph461a04@vax1.umkc.edu Brought to you by Super Global Mega Corp .com