Path: utzoo!utgpu!jarvis.csri.toronto.edu!mailrus!purdue!decwrl!shelby!UMD2.UMD.EDU!ZBEN From: ZBEN@UMD2.UMD.EDU (Ben Cranston) Newsgroups: comp.protocols.kerberos Subject: Re: using kerberos for secure mail Message-ID: Date: 4 Apr 89 18:32:33 GMT Sender: daemon@shelby.Stanford.EDU Organization: The Internet Lines: 23 You describe essentially what we were about to propose, extended to the case of multiple recipients! We see two main problem areas. One is the stability of the private key used to encrypt the AMRL while in transit from sender to reader. If one wants to change this key periodically but retain the ability to provide the key recovery service for a fairly long period of time (perhaps months) this will result in a large number of extant private keys. The second is the foreign Kerberos problem you also allude to. There is nothing to prevent the user from using her own keys, distributed by her own ingenuity, if she doesn't trust the Kerberii or their keepers. I see an emerging need for some form of mail privacy protection, that encryption is one reasonable route, that key distribution needs to get done. When the Davis and Swick paper came out that started me thinking along the lines of user to user authentication. It now seems that what we want to do can be done without their extensions. I do think we should be looking at this issue now so that when the time comes that people want to implement there will be a reasonably stable standard for them to write to. This is more important that who gets credit. Actually, having a standard may be more important than the gritty details of what the standard actually is...