<snip how S/MIME works>
OK, I knew all this. What's your point?
No! What I described is not how S/MIME works. S/MIME is a protocol for the
exchange of signed and encrypted messages and/or MIME parts. What I
described is the security environment in which S/MIME implementations have
to operate. What I, and I think Paul, have been trying to say is that
S/MIME (the protocol) is not broken, and that S/MIME implementations from
MS, NS, and IBM running in a common security environment (in practice, the
basic environment specified by the standard) inter-operate well. The
problem, which I think you are identifying, and with which I, and I think
Paul, completely agree is the absence of a common security environment, or
rather the presence of so many different ones. This situation is made
worse by legal prohibitions on providing plugable crypto interfaces. It
would be technically easy for S/MIME and other application to employ a set
of APIs (even better we could standardize them) to crypto packages. Sadly,
this remains illegal in many countries including USA.
Nick
Nick Shelness
Independent Technology Consultant
Fellow - Differéntis Ltd.
Advisor - Oak Investment Partners
Contact Details
Office Tel: +44 (0) 1828 640 632
Office Fax: +44 (0) 1828 640 647
Internet email: nick(_at_)old-mill(_dot_)net
Short message: +44 7753 566460 or page(_at_)old-mill(_dot_)net
AOL instant messaging: NickShelness
MSN instant messaging: nh_shelness(_at_)hotmail(_dot_)com
Yahoo instant messaging: NickShelness
Snail mail: The Old Mill, Meigle, Perthshire, PH12 8TJ, UK