Hey everyone,

A few of us at Verisign (actually, that would be Lynch Davis) have been working 
on a prototype for the SMIMEA draft.  We have written a general library+API, we 
have integrated it into Thunderbird, and have begun integrating into Mail.app.  
Our plans are to publish this as open source at some point after the DANE 
workshop that will be taking place at ICANN 51 (where we will be demo'ing it).  
We ran into numerous interesting wrinkles and made some specific design 
choices, but at a high level the S/MIME prototype:
- can sign
- can encrypt
- can decrypt (without writing clear text to disk)
- can verify
- and supports several features that are enabled through suggested additions.

With the foresight that zones may need to be delegated to accommodate churn and 
scale, some certificates may need to be selectively authenticated or 
deauthenticated (perhaps on a per-user basis), and the locations of certificate 
information may need to be managed in different places (some in the DNS, some 
in external locations), etc., we have made some operational choices to modify 
elements of the draft in our prototype.  We intend to detail these in a 
follow-on email.

We're hoping to show this off at the upcoming IETF too.

Eric

Attachment: smime.p7s
Description: S/MIME cryptographic signature

_______________________________________________
dane mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dane
