Stroeder.COM TF-LSD Meeting 2001-10-29

Page 1: S/MIME Certificate Collector

Motivation
Proposed Solution
Discussion

Page 2: Situation Today

LDAP directories accepted as PKIX repository but...
  no globally working directory infrastructure
  LDAP hidden behind organizational boundaries
  different ways for storing certificates in directory

E-Mail certificates are usually distributed via S/MIME (in-band) or HTTP (out-of-band)

no easy-to-use standard way for search & retrieval

Page 3: Situation Today (diagram)

[Diagram: Organization A and Organization B, each with a user's MUA, an organizational CA and an LDAP directory holding only local certs. Certificates cross the organizational boundary either through a web interface (HTTP, non-standard) or by S/MIME e-mail carrying the user's cert.]

Page 4: S/MIME Cert Collector (diagram)

[Diagram: the same two organizations, now with an S/MIME Cert Collector between them. A user publishes his/her cert once by sending a signed S/MIME e-mail to the collector, which writes it into an LDAP directory holding all published certs; the other organization's LDAP directory still holds only local certs.]

Page 5: Dealing With Local Directories

Accept existence of organizational directories as is:

Local naming conventions -> naming transformation subject DN to LDAP DN -> plug-ins
Access control (administration and firewalls) -> use widely accepted transport protocol crossing org. boundaries -> SMTP
Storage schemes (often depending on PKI products) -> plug-ins

Page 6: Why S/MIME e-mails?

SMTP is a widely deployed protocol and crosses organizational boundaries like firewalls easily
S/MIME is implemented in commonly deployed MUAs
Signed S/MIME e-mails contain the sender's certificate (if configured)
Sender "publishes" his/her certificate by sending a signed e-mail to a certain e-mail address

Page 7: Privacy

Adding his/her certificate has to be the intention of the user
User himself/herself publishes by sending e-mail to a certain address
Signature has to be validated, maybe also checking the From: header in the signed body
Privacy requirements have to be met by the organizational directory

Page 8: Access Control

Possibly data is reviewed by the local directory administrator before being added
Signature has to be validated against a trusted root certificate
Access control within the organizational directory is a matter of the directory's configuration

Page 9: Directory Access

Directly write to LDAP directory
  Add new entries if necessary
  Modify existing entries (e.g. search by e-mail address)
Write data for review and bulk upload (LDIF, DSML)
Write replication log
How's data removed?
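Added example, not code from the presentation or from Stroeder.COM: a Python sketch (standard library only) of the collector's parsing and output stage for pages 6 to 9. It takes a signed S/MIME e-mail, slices the certificates out of the PKCS#7 SignedData structure, and writes an LDIF modify record for review and bulk upload. It goes a little beyond the slides in accepting both the detached multipart/signed form and the opaque application/pkcs7-mime form. It deliberately does not validate the signature: that check against a trusted root, and the comparison of the From: address with the certificate's e-mail name, must be done by an S/MIME implementation before any record is applied to the directory. The sample message, the placeholder certificate and the naming rule mail=<address>,ou=certs,dc=example,dc=org are constructed assumptions.

```python
# Added example (not the presentation's code): signed S/MIME mail -> certificate DER -> LDIF record.
# Stdlib only. It does NOT verify the signature; feed it only mail already verified against a trusted root.
import base64
import email
from email.utils import parseaddr
from typing import Callable, Iterator, List, Optional, Tuple

OID_SIGNED_DATA = bytes.fromhex("2a864886f70d010702")  # 1.2.840.113549.1.7.2
OID_DATA = bytes.fromhex("2a864886f70d010701")         # 1.2.840.113549.1.7.1

def _tlv(buf: bytes, pos: int) -> Tuple[int, int, int]:
    """Decode one DER tag/length at pos -> (tag, value_start, value_end)."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length == 0x80:
        raise ValueError("indefinite length (BER) not supported; re-encode as DER")
    if length & 0x80:  # long form: low 7 bits = number of length octets that follow
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    return tag, pos, pos + length

def _children(buf: bytes, start: int, end: int) -> Iterator[Tuple[int, int, int, int]]:
    """Yield (tag, tlv_start, value_start, value_end) for each element in buf[start:end]."""
    while start < end:
        tag, vs, ve = _tlv(buf, start)
        yield tag, start, vs, ve
        start = ve

def certificates_from_pkcs7(der: bytes) -> List[bytes]:
    """Return the DER certificates carried in a PKCS#7/CMS SignedData ContentInfo."""
    tag, vs, ve = _tlv(der, 0)
    kids = list(_children(der, vs, ve)) if tag == 0x30 else []
    if (len(kids) < 2 or kids[0][0] != 0x06 or kids[1][0] != 0xA0
            or der[kids[0][2]:kids[0][3]] != OID_SIGNED_DATA):
        raise ValueError("not a PKCS#7 signedData ContentInfo")
    _, sd_vs, sd_ve = _tlv(der, kids[1][2])  # [0] EXPLICIT wraps the SignedData SEQUENCE
    certs: List[bytes] = []
    for tag, _, cvs, cve in _children(der, sd_vs, sd_ve):
        if tag == 0xA0:  # certificates [0] IMPLICIT: a set of X.509 Certificate SEQUENCEs
            certs += [der[s:e] for t, s, _, e in _children(der, cvs, cve) if t == 0x30]
    return certs

def signature_blob(msg) -> Optional[bytes]:
    """Locate the PKCS#7 part of a multipart/signed or opaque-signed (pkcs7-mime) message."""
    for part in msg.walk():
        ctype = part.get_content_type()
        opaque = ctype == "application/pkcs7-mime" and part.get_param("smime-type") == "signed-data"
        if ctype in ("application/pkcs7-signature", "application/x-pkcs7-signature") or opaque:
            return part.get_payload(decode=True)
    return None

def _fold(line: str, width: int = 76) -> List[str]:
    """Fold an LDIF line per RFC 2849: continuation lines begin with one space."""
    out, rest = [line[:width]], line[width:]
    while rest:
        out.append(" " + rest[:width - 1])
        rest = rest[width - 1:]
    return out

def default_dn(mail: str) -> str:
    """Naming plug-in placeholder (assumed layout); escapes RFC 4514 specials so an odd address cannot reshape the DN."""
    value = mail.replace("\\", "\\\\")
    for ch in ',+"<>;=':
        value = value.replace(ch, "\\" + ch)
    value = "\\" + value if value.startswith((" ", "#")) else value
    return f"mail={value},ou=certs,dc=example,dc=org"

def collect(raw: bytes, dn_for: Callable[[str], str] = default_dn) -> str:
    """One verified S/MIME message -> LDIF modify record for review and bulk upload."""
    msg = email.message_from_bytes(raw)
    _, addr = parseaddr(msg.get("From", ""))
    if not addr:
        raise ValueError("missing From: address")
    blob = signature_blob(msg)
    if blob is None:
        raise ValueError("no S/MIME signature part in message")
    certs = certificates_from_pkcs7(blob)
    if not certs:
        raise ValueError("signature carries no certificate (MUA not configured to include it)")
    lines = [f"dn: {dn_for(addr)}", "changetype: modify", "replace: userCertificate;binary"]
    for cert in certs:
        lines += _fold("userCertificate;binary:: " + base64.b64encode(cert).decode("ascii"))
    return "\n".join(lines + ["-"]) + "\n"

def _der(tag: int, value: bytes) -> bytes:
    return bytes([tag, len(value)]) + value  # short-form DER (value < 128 bytes), sample only

# Constructed sample: a stand-in "certificate" (bare SEQUENCE, not real X.509) in a SignedData skeleton.
FAKE_CERT = _der(0x30, _der(0x04, b"constructed placeholder, not a real X.509 certificate"))
SAMPLE_PKCS7 = _der(0x30, _der(0x06, OID_SIGNED_DATA) + _der(0xA0, _der(
    0x30, _der(0x02, b"\x01") + _der(0x31, b"") + _der(0x30, _der(0x06, OID_DATA))
    + _der(0xA0, FAKE_CERT) + _der(0x31, b""))))
SAMPLE_MESSAGE = (
    b"From: Alice Example <alice@example.org>\r\nTo: cert-collector@example.org\r\n"
    b"Subject: publish my certificate\r\nMIME-Version: 1.0\r\n"
    b'Content-Type: multipart/signed; protocol="application/pkcs7-signature"; boundary="b1"\r\n\r\n'
    b"--b1\r\nContent-Type: text/plain\r\n\r\nPlease add my certificate.\r\n"
    b"--b1\r\nContent-Type: application/pkcs7-signature; name=smime.p7s\r\n"
    b"Content-Transfer-Encoding: base64\r\n\r\n" + base64.b64encode(SAMPLE_PKCS7) + b"\r\n--b1--\r\n"
)
```

Calling collect(SAMPLE_MESSAGE) returns the LDIF record for the constructed sample. The default_dn function stands in for the naming-transformation plug-in of page 5; it escapes the RFC 4514 special characters so that an e-mail address containing a comma or plus sign cannot alter the target DN. BER indefinite-length encodings, which some S/MIME implementations emit, are rejected rather than guessed at, and a signed mail whose MUA did not include the certificate is reported instead of producing an empty record.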

Page 10: What it is, what it is not

It is
  a practical solution for a common problem
  a flexible tool

It's not
  a complete replacement for a global directory infrastructure
  a mail2ldap gateway
  a coffee machine

Page 11: Discussion

User acceptance?
Required features?
Security aspects?
Privacy aspects?