>> I notice you're still attaching a root certificate of unknown
>> quality as part of your signature.  Since it is different than my
>> current class 2 root for the same named authority it may or may
>> not be valid.  If I accept your certificate and root I'm potentially
>> at risk that you will later maliciously create MITM certs.
>
>Why do you care about the CA cert that signed Kyle's cert AT ALL?
>If you don't recognize that CA cert, then you should continue to
>completely ignore that CA cert.  If your MUA does not let you pin Kyle's
>cert alone (for the purpose of verifying the signatures on Kyle's emails),
>but requires you to add a cert of _his_ certification chain to
>your trust anchors as a prerequisite for S/MIME signature verification,
>then the PKI software used by your MUA is seriously broken.

The user interface on my MUA (designed by one of the world's largest software 
companies) is unable to indicate to me what I should do with the two 
certificates in a clear manner.  On importing the first certificate - it 
indicates that it will be used for both e-mail and internet.  Hence my prior 
complaint about possible vulnerabilities with cert acceptance.  

  Info on the cert from MS Outlook MUA
        Protects e-mail messages
        Ensures software came from software publisher
        Protects software from alteration after publication
        Allows data to be signed with the current time
        Allows data on disk to be encrypted
        Allows secure communication on the Internet    <----- my issue in prior thread

Deep in the MS controls I can finally find check boxes to turn off everything 
but the email.  I doubt that any but the most rabid security geek would bother.  
Even then, it's very difficult to maintain the large number of certs.  The 
relationships and associated privileges are difficult to review for 
security.

With effort I could make this work ... the security and usability are of 
dubious quality without very careful configuration.

Also - cleaning up after my experiment, I disable both certs in the path for 
the user cert, and the UI tells me the terminal cert is still valid!  We seem 
to have a mixture of bad implementations - and technologies that are too 
complicated in their details to make them easy to use.  

Finally - there are no user centric constraints.  The newly accepted cert can 
issue for any email or dns address.  I cannot place any limitations on the new 
cert.


Paul


>-Martin
_______________________________________________
therightkey mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/therightkey
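Paul's two complaints above are about things X.509 can in fact express: the list of "purposes" Outlook shows is the Extended Key Usage extension (emailProtection, codeSigning, timeStamping, serverAuth and so on), and limiting a CA to a set of e-mail or DNS names is the Name Constraints extension (RFC 5280 section 4.2.1.10). The following is an added example written for this page, not code from the thread or from any MUA vendor: it builds an in-memory root CA constrained to rfc822Name identities under example.com with an EKU of emailProtection only, issues two constructed leaf certificates ([email protected] and [email protected]; all names are invented), and shows what a path validator that honours those extensions does with each. Go's standard crypto/x509 is used because it enforces both extensions during Verify without any third-party code.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// DemoPKI holds a constructed root CA plus two leaf certificates issued under it.
type DemoPKI struct {
	Roots           *x509.CertPool
	InDomainLeaf    *x509.Certificate // SAN rfc822Name kyle@example.com (constructed)
	OutOfDomainLeaf *x509.Certificate // SAN rfc822Name mallory@example.net (constructed)
}

// signCert encodes template signed by parent's key and parses the result.
// For the self-signed root, parent == template.
func signCert(template, parent *x509.Certificate, pub any, parentKey *ecdsa.PrivateKey) (*x509.Certificate, error) {
	der, err := x509.CreateCertificate(rand.Reader, template, parent, pub, parentKey)
	if err != nil {
		return nil, err
	}
	return x509.ParseCertificate(der)
}

// BuildDemoPKI generates fresh ECDSA P-256 keys and certificates in memory.
// The root carries Name Constraints permitting only e-mail SANs at example.com
// and an Extended Key Usage of emailProtection only: the "user centric
// constraints" the thread says the MUA never lets the user express.
func BuildDemoPKI() (*DemoPKI, error) {
	now := time.Now()
	caKey, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, err
	}
	rootTmpl := &x509.Certificate{
		SerialNumber:          big.NewInt(1),
		Subject:               pkix.Name{CommonName: "Demo Constrained Root (constructed)"},
		NotBefore:             now.Add(-time.Hour),
		NotAfter:              now.Add(365 * 24 * time.Hour),
		IsCA:                  true,
		BasicConstraintsValid: true,
		KeyUsage:              x509.KeyUsageCertSign | x509.KeyUsageCRLSign,
		// This root may vouch for e-mail identities only, and only at example.com.
		ExtKeyUsage:                 []x509.ExtKeyUsage{x509.ExtKeyUsageEmailProtection},
		PermittedEmailAddresses:     []string{"example.com"},
		PermittedDNSDomainsCritical: true, // mark the Name Constraints extension critical
	}
	root, err := signCert(rootTmpl, rootTmpl, &caKey.PublicKey, caKey)
	if err != nil {
		return nil, err
	}
	roots := x509.NewCertPool()
	roots.AddCert(root)

	// issueLeaf mints an end-entity S/MIME signing cert for one mailbox.
	issueLeaf := func(serial int64, email string) (*x509.Certificate, error) {
		k, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
		if err != nil {
			return nil, err
		}
		tmpl := &x509.Certificate{
			SerialNumber:   big.NewInt(serial),
			Subject:        pkix.Name{CommonName: email},
			NotBefore:      now.Add(-time.Hour),
			NotAfter:       now.Add(90 * 24 * time.Hour),
			KeyUsage:       x509.KeyUsageDigitalSignature,
			ExtKeyUsage:    []x509.ExtKeyUsage{x509.ExtKeyUsageEmailProtection},
			EmailAddresses: []string{email}, // emitted as an rfc822Name SAN
		}
		return signCert(tmpl, root, &k.PublicKey, caKey)
	}
	in, err := issueLeaf(2, "kyle@example.com")
	if err != nil {
		return nil, err
	}
	out, err := issueLeaf(3, "mallory@example.net") // the CA overstepping its constraint
	if err != nil {
		return nil, err
	}
	return &DemoPKI{Roots: roots, InDomainLeaf: in, OutOfDomainLeaf: out}, nil
}

// VerifyFor builds a chain from leaf to roots, then requires that every cert in
// the chain permits the requested EKU and that the leaf's SANs satisfy every
// CA's Name Constraints. nil means the validator accepts the leaf for that use.
func VerifyFor(leaf *x509.Certificate, roots *x509.CertPool, usage x509.ExtKeyUsage) error {
	_, err := leaf.Verify(x509.VerifyOptions{Roots: roots, KeyUsages: []x509.ExtKeyUsage{usage}})
	return err
}

// DemoResults runs the three checks the thread's complaints call for:
// in-domain mailbox for e-mail (accepted), out-of-domain mailbox for e-mail
// (rejected by Name Constraints), and the in-domain leaf offered as a TLS
// server certificate (rejected by Extended Key Usage).
func DemoResults() (inDomainEmail, outOfDomainEmail, inDomainServerAuth error, err error) {
	var pki *DemoPKI
	pki, err = BuildDemoPKI()
	if err != nil {
		return nil, nil, nil, err
	}
	return VerifyFor(pki.InDomainLeaf, pki.Roots, x509.ExtKeyUsageEmailProtection),
		VerifyFor(pki.OutOfDomainLeaf, pki.Roots, x509.ExtKeyUsageEmailProtection),
		VerifyFor(pki.InDomainLeaf, pki.Roots, x509.ExtKeyUsageServerAuth),
		nil
}

func main() {
	a, b, c, err := DemoResults()
	if err != nil {
		panic(err)
	}
	fmt.Println("kyle@example.com for e-mail:    ", a)
	fmt.Println("mallory@example.net for e-mail: ", b)
	fmt.Println("kyle@example.com as TLS server: ", c)
}
```

The point for the thread: a CA whose own certificate says "e-mail only, example.com only" can be pinned into a trust store without granting it authority over web servers or other people's mailboxes, provided the validator honours the extensions. The MUA behaviour Paul describes (a freshly imported root usable for any e-mail or DNS name, and a leaf still reported valid after its issuers are disabled) is a property of that implementation, not of the certificate format.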
