mrose@UDel-Dewey.ARPA (07/02/85)
From: Marshall Rose <mrose@UDel-Dewey.ARPA>

[ You normally don't see this type of message sent out... ]

Some friends and I have been working on a paper for an upcoming IFIP symposium, which may be of some interest to you. I've included an abstract of the paper. If you'd like a copy of the current paper (in draft form), reply to this message saying so (MRose@UDEL in the ARPA Internet). The paper will NOT be transmitted electronically, so you'll need to supply a USPS address.

The paper's about a "trusted mail" system. We believe that it lets you send "secure" mail by encrypting it, and by handling ALL key management automatically (after the initial bootstrap). The prototype system has been running since December of last year in a 4.2BSD environment.

Before I give the abstract, here are the usual disclaimers:

1. When the paper gets published, IFIP will hold the copyright on the paper; until then my friends and I (aka TTI) do.

2. This message is not meant to be an endorsement of ANY kind.

I believe that this system is the first of its kind in a non-military environment, and I would like comments back from an informed populace (i.e., the net).

-----

Accepted by IFIP TC-6: Second International Symposium on Computer Message Systems

Design of the TTI Prototype Trusted Mail Agent

Marshall T. Rose
David J. Farber
Stephen T. Walker

ABSTRACT

The design of the TTI prototype Trusted Mail Agent (TMA) is discussed. This agent interfaces between two entities: a key distribution center (KDC) and a user agent (UA). The KDC manages keys for the encryption of text messages, which two subscribers to a key distribution service (KDS) may exchange. The TMA is independent of any underlying message transport system. Subscribers to the KDC are known by unique identifiers, known as IDs. In addition to distributing keys, the KDC also offers a simple directory lookup service, in which the ``real-world'' name of a subscriber may be mapped to an ID, or the inverse mapping may be performed.

This document details three software components: first, a prototype key distribution service, which has been running in a TCP/IP environment since December, 1984; second, a prototype trusted mail agent; and, third, modifications to an existing UA, the Rand MH Message Handling system, which permit interaction with the prototype TMA.

-----