As the chief instigator of "Open-PGP", I intended this 'soon-to-be'
Working Group to specify the following...
1. PGP Cert (a.k.a. Key) Structure (including X.509 support)
2. PGP as a Public Key (Cert) Infrastruture
(we have *lots* of real life experience at MIT, and other places worldwide)
2. MUST algorithms for interoperability
3. correct use of the Trust Models
4. handling MIME
5. limited backwards compatibility with 2.6, 5.x
6. and of course, basic functionality of encrypt, sign, decrypt, verify
This might sound like way-too-much for the group to handle, but if we keep
to the basics on each topic, and leverage the implementation work that is
already done, we can move forward quickly. PGP is already the world's
largest PKI, we need to document and make modest enhancements. By having
few dependencies on other incomplete specification, Open-PGP will have
great benefit by being self contained. (I know I'll be slammed for bring it
up, but S/MIME relies on PKCS#1-10, ANSI, CCITT/ITU X.509V3, PKIX, RSASDI
and more.) Once the Open-PGP spec is complete, implement to the spec, and
compete in an open and fair market.
Charles