CA influence over confidentiality

Adam Back aba at dcs.ex.ac.uk
Wed, 8 Jul 1998 16:46:32 +0100


I have been trying to work out exactly what a CA can do to influence
what crypto you the user can use, by means of the flags the CA can set
in the certificate they provide you with.

Let's consider that people who can use alternate software or write
their own software are not interesting in this discussion, so the
questions I am asking are based on the presumption that the user is
using Netscape's mail client, or one of the Microsoft offerings.

The CA wants to restrict what crypto you can use with S/MIME, he might
want to:

- prevent you using over 40 bit crypto

- prevent you boot-strapping confidentiality by use of the CA provided
  certificate on your authentication key

Can this be done with current Netscape and Microsoft mail clients?

I am thinking for example of a DTI licensed CA providing X.509
certificates which chooses to provide certification services for
authentication only.  Can the CA prevent the certificate from being
used to obtain confidentiality, or confidentiality over a certain
strength?

(Aside from the problem that most deployed mail clients are using 40
bit crypto anyway because of US crypto regs.)

Adam
-- 
print pack"C*",split/\D+/,`echo "16iII*o\U@{$/=$z;[(pop,pop,unpack"H*",<>
)]}\EsMsKsN0[lN*1lK[d2%Sa2/d0<X+d*lMLa^*lN%0]dsXx++lMlN/dsM0<J]dsJxp"|dc`