Certificate directorys

Gateway
1

lst_hoe02(a)kwsoft.de wrote:

at least in theory there should be some certificate directorys available
to search for the public key of a given mailaddress. This lead to some
questions e.g.

- Are there really some known "certificate yellow pages" available for
public?

- Would Djigzo be able to use such a directory to request public keys?

Good idea!

This has been on my mind for some time now. To create a publicly
accessible certificate store (yellow page like you named it). The
certificate server can periodically query existing certificate servers
(like Verisign) for updated certificates and allow users to upload their
certificates.

Djigzo, or any other S/MIME solution, can then query the server for
certificates.

Need to find some time though to build it :slight_smile:

ยทยทยท

--
Djigzo open source email encryption

2

Zitat von Martijn Brinkers <martijn(a)djigzo.com>:

lst_hoe02(a)kwsoft.de wrote:

at least in theory there should be some certificate directorys available
to search for the public key of a given mailaddress. This lead to some
questions e.g.

- Are there really some known "certificate yellow pages" available for
public?

- Would Djigzo be able to use such a directory to request public keys?

Good idea!

This has been on my mind for some time now. To create a publicly
accessible certificate store (yellow page like you named it). The
certificate server can periodically query existing certificate servers
(like Verisign) for updated certificates and allow users to upload their
certificates.

As said in theory this "yellow pages" are already available but i have
found only one (meta-directory) so far at
ldap://directory.bridge-ca.org.
At least in germany every CA providing services like "qualifizierte
elektronische Signatur" should have one too, but i have not found one
yet.

Djigzo, or any other S/MIME solution, can then query the server for
certificates.

Some comercial solutions already does something like that. It could be
as simple as do an LDAP query i guess. Uploading our own certificates
would be more difficult as it normaly require that you are subscribed
of some sort at the provider.

Need to find some time though to build it :slight_smile:

Sorry for imposing that much work :wink:

Many Thanks for the fine Gateway BTW

Andreas