Stroeder.COM TF-LSD Meeting 2001-10-29
- 1 -
S/MIME Certificate Collector
Motivation
Proposed Solution
Discussion
- 2 -
Situation Today
LDAP directories accepted as PKIX repository but...
no globally working directory infrastructure
  LDAP hidden behind organizational boundaries
different ways for storing certificates in directory
E-Mail certificates are usually distributed via S/MIME (in-band) or HTTP (out-of-band)
no easy-to-use standard way for search & retrieval
- 3 -
Situation Today
[Diagram: two organizations side by side. Organization A: user's MUA, Org. CA, LDAP directory (local certs). Organization B: user's MUA, Org. CA, LDAP directory (local certs) with a web interface on top of it. Certificates cross the organizational boundary only via HTTP (non-standard) through the web interface or via S/MIME e-mail (user's cert).]
- 4 -
S/MIME Cert Collector
[Diagram: the same two organizations with the S/MIME Cert Collector between them. Organization A: user's MUA, Org. CA, LDAP directory (all published certs). Organization B: user's MUA, Org. CA, LDAP directory (local certs). S/MIME e-mail (the user publishes his/her cert once) goes to the S/MIME Cert Collector, which feeds the directory.]
- 5 -
Dealing With Local Directories
Accept existence of organizational directories as is:
Local naming conventions                           -> naming transformation subject DN to LDAP DN (plug-ins)
Access control (administration and firewalls)      -> use a widely accepted transport protocol crossing org. boundaries: SMTP
Storage schemes (often depending on PKI products)  -> plug-ins
- 6 -
Why S/MIME e-mails?
SMTP is a widely deployed protocol and crosses organizational boundaries like firewalls easily
S/MIME implemented in commonly deployed MUAs
Signed S/MIME e-mails contain sender's certificate (if configured)
Sender "publishes" his/her certificate by sending signed e-mail to certain e-mail address
- 7 -
Privacy
Adding his/her certificate has to be intention of user
User himself/herself publishes by sending e-mail to a certain address
Signature has to be validated; maybe also the From: header in the signed body
Privacy requirements have to be met by organizational directory
- 8 -
Access Control
Possibly data is reviewed by local directory administrator before being added
Signature has to be validated against trusted root certificate
Access control within organizational directory is subject of directory's configuration
- 9 -
Directory Access
Directly write to LDAP directory
  Add new entries if necessary
  Modify existing entries (e.g. search by e-mail address)
Write data for review and bulk upload (LDIF, DSML)
Write replication log
How's data removed?
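The intake path sketched on the Privacy, Access Control and Directory Access slides (signed mail arrives at the publication address, signature validated against a trusted root, From: address checked against the signer certificate, data written out as LDIF for review or bulk upload), as an added example that is not code from these slides or from the Stroeder.COM tool. It assumes, which the slides do not state, that signature checking is delegated to the OpenSSL command line (`openssl smime -verify -signer`, `openssl x509 -email`) and that the LDAP DN is produced by a small naming function standing in for the "naming transformation plug-in"; the sample mail and its signature part are constructed placeholders.

```python
"""Collector intake sketch: signed S/MIME mail in, reviewable LDIF out.
Added example, not code from the TF-LSD slides or the Stroeder.COM tool.
Assumed rather than stated on the slides: signature checking is delegated to
the OpenSSL command line, and the LDAP DN comes from a replaceable naming
function standing in for the "naming transformation plug-in"."""
import base64
import email
import email.policy
import subprocess
import tempfile
from email.utils import parseaddr
from pathlib import Path

# Constructed publication mail; the signature part is a placeholder, not a
# real CMS blob, so it exercises only the parsing path.
SAMPLE_MAIL = b"""From: Jane Doe <Jane@Example.org>
To: cert-collector@example.com
Subject: publish my certificate
MIME-Version: 1.0
Content-Type: multipart/signed; protocol="application/pkcs7-signature"; boundary="b1"

--b1
Content-Type: text/plain

Please add my certificate to the directory.
--b1
Content-Type: application/pkcs7-signature; name="smime.p7s"
Content-Transfer-Encoding: base64

AAAA
--b1--
"""

def publication_request(raw: bytes):
    """(sender_address, display_name) if the mail is S/MIME signed, else None."""
    msg = email.message_from_bytes(raw, policy=email.policy.default)
    ctype = msg.get_content_type()
    # clear-signed (multipart/signed) or opaque-signed (pkcs7-mime signed-data)
    signed = (ctype == "multipart/signed" and msg.get_param("protocol") in
              ("application/pkcs7-signature", "application/x-pkcs7-signature")
              or ctype in ("application/pkcs7-mime", "application/x-pkcs7-mime")
              and msg.get_param("smime-type") == "signed-data")
    if not signed:
        return None  # unsigned mail never publishes anything
    name, addr = parseaddr(str(msg.get("From", "")))
    return (addr.lower(), name) if addr else None

def verify_with_openssl(raw: bytes, ca_file: str):
    """Check the signature against the roots in ca_file (CalledProcessError means
    rejection); return (signer_der, addresses bound to the signer cert)."""
    def x509(*args):  # run `openssl x509` on the signer cert written by -signer
        return subprocess.run(["openssl", "x509", "-in", str(signer), *args],
                              check=True, capture_output=True).stdout
    with tempfile.TemporaryDirectory() as tmp:
        msg_path, signer = Path(tmp, "msg.eml"), Path(tmp, "signer.pem")
        msg_path.write_bytes(raw)
        subprocess.run(["openssl", "smime", "-verify", "-in", str(msg_path),
                        "-CAfile", ca_file, "-signer", str(signer)],
                       check=True, capture_output=True)
        emails = x509("-noout", "-email").decode().split()
        der = x509("-outform", "DER")
    return der, {e.lower() for e in emails}

def sender_bound_to_certificate(sender: str, cert_addresses) -> bool:
    """A valid signature is not enough: From: must be an address the cert names."""
    return sender.lower() in {a.lower() for a in cert_addresses}

def mail_to_dn(addr: str, base: str = "ou=People,dc=example,dc=com") -> str:
    """Hypothetical naming plug-in: one entry per e-mail address, with RFC 4514
    escaping of the characters that are special in an RDN value."""
    escaped = addr.replace("\\", "\\\\")
    for ch in ',+"<>;':
        escaped = escaped.replace(ch, "\\" + ch)
    return f"mail={escaped},{base}"

def fold_ldif(line: str, width: int = 76) -> str:
    """RFC 2849 folding: continuation lines begin with a single space."""
    parts, rest = [line[:width]], line[width:]
    while rest:
        parts.append(" " + rest[:width - 1])
        rest = rest[width - 1:]
    return "\n".join(parts)

def ldif_entry(dn: str, addr: str, name: str, der: bytes, existing: bool) -> str:
    """LDIF for review/bulk upload: modify an existing entry or add a new one."""
    cert = "userCertificate;binary:: " + base64.b64encode(der).decode("ascii")
    if existing:
        lines = [f"dn: {dn}", "changetype: modify",
                 "add: userCertificate;binary", cert, "-"]
    else:
        cn = name or addr  # the reviewer fixes up cn/sn before upload
        lines = [f"dn: {dn}", "changetype: add", "objectClass: inetOrgPerson",
                 f"cn: {cn}", f"sn: {cn.split()[-1]}", f"mail: {addr}", cert]
    return "\n".join(fold_ldif(l) for l in lines) + "\n\n"

def collect(raw: bytes, ca_file: str, existing_dns=()) -> str:
    """Whole intake path: parse, verify, bind sender to cert, emit LDIF."""
    req = publication_request(raw)
    if req is None:
        raise ValueError("not a signed S/MIME message")
    sender, name = req
    der, cert_addresses = verify_with_openssl(raw, ca_file)
    if not sender_bound_to_certificate(sender, cert_addresses):
        raise ValueError("From: address not bound to signer certificate")
    dn = mail_to_dn(sender)
    return ldif_entry(dn, sender, name, der, dn in existing_dns)
```

`collect(raw_mail, "trusted-roots.pem", existing_dns=known_dns)` runs the whole path; the LDIF it returns is meant to land in the review queue rather than go straight to `ldapmodify`, which keeps the "reviewed by the local directory administrator" option open. `openssl smime -verify` also checks validity period and the S/MIME signing purpose of the signer certificate, so an expired or wrong-purpose certificate is rejected at that step; the separate From: check is what stops a valid signature from publishing a certificate under somebody else's address.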
- 10 -
What it is, what it is not
It is a
practical solution for a common problem
a flexible tool
It's not a
complete replacement for a global directory infrastructure
mail2ldap gateway
coffee machine
- 11 -
Discussion
User acceptance?
Required features?
Security aspects?
Privacy aspects?