I've chatted about this topic with a few folk, but have never formally
lodged a proposal. For what it is worth:

1. Encrypted/enciphered/whatever-you-call-it chunk: application/pem

This declares the chunk to be opaque to everyone except the pem application.
There are no rules or restrictions on the nature of the content. Since
MIME can't know what's in there, it's none of MIME's business. If PEM
chooses to put MIME-like stuff in there, then that is fine but invisible
to MIME. After de-cryption, PEM gets to feed it back to a MIME processor,
separately.

2. Authenticated, or encrypted but visible chunk (e.g., this is something
basic like text and I don't mind your knowing the structure of my
message, but I won't let MIME see the raw data) seems to me best
handled by declaring data/descriptor pairs of chunks. A non-PEM
MIME engine then can process the data part, normally, saving the
handling of the descriptor part by a PEM-knowledgeable engine.

My suggestion for structuring this is:

    Multipart/PEM
        Text, Message, Audio,... or any other standard Content Type
        Text/PEM, to contain the descriptor stuff.

Marshall has a different view of this, but I don't feel competent to
present it.

Dave
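
The two structures proposed in the message above, as an added example that is not part of the original post: it builds both with Python's standard email package and shows how a non-PEM MIME engine would split each into parts it can process and parts it must hand to a PEM-knowledgeable engine. The function names and the descriptor body are assumptions made for illustration; only the content-type names come from the message.

```python
# Added illustration, not from the original message. The content types
# multipart/pem, text/pem and application/pem are the ones proposed above;
# the descriptor body is a constructed placeholder, not real PEM data.
from email import message_from_string
from email.mime.application import MIMEApplication
from email.mime.multipart import MIMEMultipart
from email.mime.text import MIMEText

PEM_TYPES = ("text/pem", "application/pem")


def build_pair(body_text):
    """Case 2: a normal data part plus a text/pem descriptor part."""
    outer = MIMEMultipart("pem")
    outer.attach(MIMEText(body_text, "plain"))
    outer.attach(MIMEText("CONSTRUCTED-PLACEHOLDER-DESCRIPTOR", "pem"))
    return outer.as_string()


def build_opaque(blob):
    """Case 1: an application/pem chunk whose content MIME cannot see."""
    return MIMEApplication(blob, "pem").as_string()


def route(raw):
    """Split a message the way a non-PEM MIME engine would.

    Returns (rendered, deferred): parts the engine handles itself, and
    parts it passes unchanged to a PEM-knowledgeable engine.
    """
    msg = message_from_string(raw)
    rendered, deferred = [], []
    for part in msg.walk():
        if part.is_multipart():
            continue  # containers carry no payload of their own
        ctype = part.get_content_type()
        payload = part.get_payload(decode=True)
        if ctype in PEM_TYPES:
            deferred.append((ctype, payload))  # never interpreted here
        else:
            rendered.append((ctype, payload.decode()))
    return rendered, deferred


if __name__ == "__main__":
    print(route(build_pair("hello")))
    print(route(build_opaque(b"\x00\x01opaque")))
```

In the opaque case the MIME layer renders nothing at all, which is the property the first proposal asks for: whatever sits inside application/pem only becomes visible to a MIME processor after the PEM engine feeds it back.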