-----Original Message-----
From: Craig McGregor
I would prefer to see a solution that utilised existing
standards signature formats. Right now we do not any
proposals that use either PGP or S/MIME - but I'm sure that's
resolvable :)
Correction - Sorry, went back through unread e-mail and archives - the
paragraph above simply isn't true.
The proposed solutions that use existing signature structures (e.g.
S/MIME) are not receiving the same amount of "advocacy" as the proposals
that propose to invent new signature or verification schemes. This is a
somewhat surprising because existing running code is always preferable
and S/MIME already has many independent implementations. There really
would need to be some pretty good reasons to ignore S/MIME structures
and create something new. What are they?
The S/MIME related proposals seen thus far:
Entity to Entity S/MIME is perhaps the closest proposal to existing
S/MIME gateway implementations
Microsoft E-mail Postmarks uses S/MIME structures but at a brief glance
does not seem detail usage scenerios
MTA Signatures suggests an S/MIME structure with the signature stored in
a different content type in order to obfuscate the signature from being
recognised as an S/MIME signature in legacy MUA's that already support
MUA<-->MUA S/MIME.
Each of these proposals suggest alternative means of establishing trust
to traditional MUA S/MIME implementations.