Unique naming of electronic mail users, as is needed in order to select corresponding keys correctly, is an important topic and one which has received (and continues to receive) significant study. For the symmetric case, IK components are identified in PEM headers through use of mailbox specifiers in traditional Internet-wide form ("user@domain-qualified-host"). Successful operation in this mode relies on users (or their PEM implementations) being able to determine the universal-form names corresponding to PEM originators and recipients. If a PEM implementation operates in an environment where addresses in a local form differing from the universal form are used, translations must be performed in order to map between the universal form and that local representation.
The use of user identifiers unrelated to the hosts on which the users' mailboxes reside offers generality and value. X.500 distinguished names, as employed in the certificates of the recommended key management infrastructure defined in RFC 1422, provide a basis for such user identification. As directory services become more pervasive, they will offer originators a means to search for desired recipients which is based on a broader set of attributes than mailbox specifiers alone. Future work is anticipated in integration with directory services, particularly the mechanisms and naming schema of the Internet OSI directory pilot activity.