[686] in Kerberos
Re: using kerberos for secure mail
daemon@TELECOM.MIT.EDU (Ben Cranston)
Tue Apr 4 15:30:56 1989
From: Ben Cranston <ZBEN@UMD2.UMD.EDU>
To: Jeffrey I. Schiller <jis@ATHENA.MIT.EDU>, kerberos@ATHENA.MIT.EDU
You describe essentially what we were about to propose, extended to the case
of multiple recipients! We see two main problem areas. One is the stability
of the private key used to encrypt the AMRL while in transit from sender to
reader. If one wants to change this key periodically but retain the ability
to provide the key recovery service for a fairly long period of time
(perhaps months) this will result in a large number of extant private keys.
The second is the foreign Kerberos problem you also allude to.
There is nothing to prevent the user from using her own keys, distributed
by her own ingenuity, if she doesn't trust the Kerberii or their keepers.
I see an emerging need for some form of mail privacy protection, that
encryption is one reasonable route, that key distribution needs to get done.
When the Davis and Swick paper came out that started me thinking along the
lines of user to user authentication. It now seems that what we want to do
can be done without their extensions.
I do think we should be looking at this issue now so that when the time comes
that people want to implement there will be a reasonably stable standard for
them to write to. This is more important that who gets credit.
Actually, having a standard may be more important than the gritty details
of what the standard actually is...
