Proposal of a suggested protocol for an interactive, real-time cryptographic 'key' server
draft-merriman-realtime-key-00
Document | Type |
Expired Internet-Draft
(individual)
Expired & archived
|
|
---|---|---|---|
Author | David K. Merriman | ||
Last updated | 1997-01-03 | ||
RFC stream | (None) | ||
Intended RFC status | (None) | ||
Formats | |||
Stream | Stream state | (No stream defined) | |
Consensus boilerplate | Unknown | ||
RFC Editor Note | (None) | ||
IESG | IESG state | Expired | |
Telechat date | (None) | ||
Responsible AD | (None) | ||
Send notices to | (None) |
This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:
Abstract
With the increase in privacy-enabling cryptographic software, there exists the growing problem of verification of the 'validity' of a cryptographic 'key'. That is, the recipient of (for example) a PGP-signed email message from an unknown person generally has no ready, convenient means to verify that the 'signature' on the message actually belongs to the sender. To verify the relationship between a cryptographic 'key' and an identity (real or anonymous), it is necessary for an individual to contact one of several existing 'manual' keyservers as a separate process, request the key (if it exists on that keyserver), and retrieve it before being able to use it for any reference or validation purposes. This draft is meant to propose a protocol/system that would both enable the automatic retrieval of cryptographic keys, and the exchange of keys between servers (both new keys, and those deleted through revocation certificates). This proposal could be extended to allow retrieval of cryptographic certificates and/or 'credentials' with relatively minor difficulty.
Authors
(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)