Ian Grigg <iang(_at_)systemics(_dot_)com> writes:
Rodney Thayer wrote:
From: lutz(_at_)taranis(_dot_)iks-jena(_dot_)de (Lutz Donnerhacke)
IMHO: We can't document features or bugs made by a company while we are
working on the draft. We can't document bugs as features. Several
implementation flaws of PGP 5.x must be cleared in this draft.
Exactly what flaws of PGP 5.x that manifest themselves as aspects of the
message format are you referring to?
Anything to do with CMR. This issue is well documented elsewhere,
elsetime, so I won't repeat it here (let me know if I should summarise).
Seconded -- no CMR.
Experimental new features should be implemented outside the standard.
IETF is supposed to document current practice, not bleeding edge
experiments of one vendor -- standards lag behind, and that's the way
it should be.
It is possible to implement functionality extensions interoperably
outside the standard in that a proprietary extension can be used only
for communications between so enabled software. The same kind of hack
to distinguish recipient type can be used as is currently used to
distinguish between things like pgp2.x, cryptix2.2.2 and pgp5.x -- the
keys have different version numbers.
The main manifestation of this that I know of is the addition of a
CMRK subpacket in the signature packet.
I vote this does not go in.
If this goes in, everyone will be arguing for their favourite
extension of the day to go in, and there will be a messy political
argument, so lets please get this draft out without further argument.
Adam
--
Now officially an EAR violation...
Have *you* exported RSA today? --> http://www.dcs.ex.ac.uk/~aba/rsa/
print pack"C*",split/\D+/,`echo "16iII*o\U(_at_){$/=$z;[(pop,pop,unpack"H*",<>
)]}\EsMsKsN0[lN*1lK[d2%Sa2/d0<X+d*lMLa^*lN%0]dsXx++lMlN/dsM0<J]dsJxp"|dc`