ietf-mailsig

PEM and mail signature DNS public key verification

2005-07-31 13:47:15


On Sun, 31 Jul 2005, EKR wrote:

How?  Checking the PEM-related RFCs, PEM does nothing with the message
header fields. For non-PEM aware MUAs, PEM-specific data is visible
to the human. (BTW, what is the percentage of MUAs that support PEM?)

Huh? PEM puts the signature in a header, just like DKIM.

Regarding PEM, I've just checked some of its archives and it appears they
have considered DNS for public key retrieval and verification; it's mentioned
in at least 3 messages from 1995 (as reference to using public key from
DNSSEC's KEY RR - that is where 'email' as one of the protocols in RFC2535
section 3.1.3 probably came from).

I'd like to reference those messages here, but unfortunately PEM archives (at least the copy I found) are not referenceable and consist of full mbox files for each year - see
 http://ftp.sayclub.com/pub/ietf/concluded-wg-ietf-mail-archive/pem/

Perhaps somebody may be willing to convert that into searchable form,
or if it's OK I can directly quote part of their message and you're
free to confirm it manually with archive data.

I do think this is important because to me it appears to invalidate
any patent claims that may be made in regard to email signing with
public key data coming from DNS.

---
William Leibzon
Elan Networks
william(_at_)elan(_dot_)net
