RE: Proposal for stating key type in Commonline subject lines
I know this is just my ignorance. Can we just encrypt the attachments
and use the message area for other information like encryption type or
other things we could standardize? This would leave the subject area
alone. Is the reason we only use the subject area because of old
CompuServe design?
> -----Original Message-----
> From: PAUL LOGSTON [SMTP:PLOGSTON@usagroup.com]
> Sent: Thursday, March 19, 1998 9:38 AM
> To: cl-elec-exch@lists.glhec.org
> Subject: Proposal for stating key type in Commonline subject lines
>
>
> [Administrivia: When I use the word "Decrypt", I actually mean "Decrypt
> and Verify Signature". I'm just too lazy to type that every time.]
>
> During last week's conference call, we determined that it would be
> useful to specify the key type (RSA or D-H/DSS) in the subject line in
> the message header, so we could know which key type to use to decrypt
> the message and verify the signature.
>
> The reason we need to know this information is that we may be using
> two separate PGP products to decrypt files -- one for the RSA keys and
> one for D-H/DSS. This is due to the fact that PGP's two programming
> interfaces (the Toolkit and the SDK) only support one key type each.
> Specifically, the PGP/ViaCrypt Toolkit only supports RSA keys and the
> SDK only supports D-H/DSS. And, since we are using different tools for
> each key type, we would likely need to keep separate key rings by key
> type.
>
> All of this points to needing to know the key type used for the
> encryption before actually processing the file.
>
> However, it is pretty late in the game to be changing the subject
> lines for CommonLine, since a lot of us (me included) already have
> code written that looks for and specifies the old subject lines. So,
> specifying the key type must:
>
> a) be optional, and
> b) be compatible.
>
> Therefore, I propose adding an optional identifier after the old
> CommonLine subject string, but before the optional identifying
> information. That identifier should simply be either "KEYRSA" or
> "KEYD-H", enclosed in brackets. So, in general, our new subject line
> format would be:
>
> file-identifying-subject [KEYRSA | KEYD-H] <unique identifying number>
>
> The reason for the delimiters around the key type is: a) it is more
> readable (IMHO) and b) it makes it easier to parse automatically. The
> reason I added the phrase "KEY" to the identifiers is simply to drive
> home the purpose of the field.
>
> For example, a CommonLine v3 App Send file's subject could look like
> this:
>
> COM03 APP SEND [KEYRSA] <199803180017>
>
> A CommonLine key update transaction with a Diffie-Hellman key would
> look like:
>
> CL COMM UPDATE [KEYD-H] <USA GROUP GUARANTEE SERVICES>
>
> Since the Key Type is optional, the following is a CommonLine v2 App
> Response using RSA keys:
>
> COM96 APP RESP <GC19140201>
>
> Comments?
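
A sketch of how a receiver could parse the subject format proposed in the quoted message, added here as an example; it is not code from the post or from any CommonLine implementation, and the names `parse_subject` and `backend_for` are hypothetical. It goes slightly beyond the post by rejecting unknown bracketed tokens and misordered fields, and it assumes a caller that falls back to trying both tools when no key type is given.

```python
import re

# Tokens defined in the proposal, mapped to the key types they stand for.
KEY_TYPES = {"KEYRSA": "RSA", "KEYD-H": "D-H/DSS"}
# Tool per key type as described in the post (labels only, not API calls).
BACKENDS = {"RSA": "PGP/ViaCrypt Toolkit", "D-H/DSS": "PGP SDK"}

# file-identifying-subject [KEYRSA | KEYD-H] <unique identifying number>
SUBJECT_RE = re.compile(
    r"""^\s*
        (?P<file_id>[^\[\]<>\s][^\[\]<>]*?)  # e.g. COM03 APP SEND
        (?:\s*\[(?P<key>[^\[\]<>]*)\])?      # optional key type in brackets
        (?:\s*<(?P<ident>[^<>]*)>)?          # optional identifying information
        \s*$""",
    re.VERBOSE,
)

def parse_subject(subject):
    """Return (file_id, key_type, identifier); absent fields are None."""
    m = SUBJECT_RE.match(subject)
    if m is None:
        raise ValueError("unrecognised subject line: %r" % subject)
    token = m.group("key")
    key_type = None
    if token is not None:
        # Fail closed on unknown tokens instead of guessing a key ring.
        if token.strip() not in KEY_TYPES:
            raise ValueError("unknown key type token: %r" % token)
        key_type = KEY_TYPES[token.strip()]
    return m.group("file_id").strip(), key_type, m.group("ident")

def backend_for(subject):
    """Pick the decrypt tool named in the post, or None for old-style subjects.

    The subject header is only a routing hint: the decrypt-and-verify step
    still decides whether the file is accepted.
    """
    _, key_type, _ = parse_subject(subject)
    return BACKENDS.get(key_type)  # None: assumed fallback is to try both

if __name__ == "__main__":
    # Subject lines taken from the examples in the post.
    for s in ("COM03 APP SEND [KEYRSA] <199803180017>",
              "CL COMM UPDATE [KEYD-H] <USA GROUP GUARANTEE SERVICES>",
              "COM96 APP RESP <GC19140201>"):
        print(parse_subject(s), "->", backend_for(s))
```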