On Mon, 22 Nov 2004 14:47:21 -0800, Dave Crocker wrote:
> There are also some other goals that I think make this different than
> PGP or S/MIME. For example I think it is a goal of this system to avoid
> impacting the MUA display while for S/MIME and PGP the goal is
> specifically to display the authentication to MUA's.
there seems to be consensus for mass requiring no MUA changes. i've never
been aware of an mua related 'design goal' for pgp or s/mime.
I should have elaborated on this a bit more, since it touches an issue that
has been confusing for folks and, therefore, we should make a point of
agreeing
on it:
The authentication process is intended to produce input to the
receive-side filtering process. This may take place at any authorized agent
working on behalf of the recipient. However it need not include the MUA.
Bingo. If allowing this sort of thing is all we accomplish, we will actually
have accomplished quite a bit.
Back in the days of PEM/MOSS and early S/MIME and PGP, Jim Galvin and I labored
mightily to get discussion of this general approach included in various
specifications. But we were never able to, due to yet another case of letting
the best be the enemy of the deployable. Since the communication of the
authentication result may be secured in a variety of ways, including simply
passing the information across an internal link, it was deemed to be
insufficiently secure.
Ned