A New Internet-Draft is available from the on-line Internet-Drafts directories.
Title : Using Secure DNS to Associate Certificates with Domain Names For S/MIME
Author(s) : P. Hoffman, J. Schlyter
Filename : draft-hoffman-dane-smime-00.txt
Pages : 8
Date : 2011-03-03
S/MIME uses certificates for authenticating and encrypting messages.
Users want their mail user agents to securely associate a certificate
with the sender of an encrypted and/or signed message. DNSSEC
provides a mechanism for a zone operator to sign DNS information
directly. This way, bindings of certificates to users within a
domain are asserted not by external entities, but by the entities
that operate the DNS. This document describes how to use secure DNS
to associate an S/MIME user's certificate with the the intended
domain name.
IMPORTANT NOTE: This draft is intentionally sketchy. It is meant as
a possible starting point for the DANE WG if it wants to consider
making a protocol similar to TLSA, as described in
draft-ietf-dane-protocol, but that applies to S/MIME. The WG may or
may not want to adopt such work, or if it does, may want to use a
very different scheme from the one described here.
A URL for this Internet-Draft is:
http://www.ietf.org/internet-drafts/draft-hoffman-dane-smime-00.txt
Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/
Below is the data which will enable a MIME compliant mail reader
implementation to automatically retrieve the ASCII version of the
Internet-Draft.
- <ftp://ftp.ietf.org/internet-drafts/draft-hoffman-dane-smime-00.txt>
-
_______________________________________________
I-D-Announce mailing list
I-D-Announce@ietf.org
https://www.ietf.org/mailman/listinfo/i-d-announce
Internet-Draft directories: http://www.ietf.org/shadow.html
or ftp://ftp.ietf.org/ietf/1shadow-sites.txt
