-----BEGIN PGP SIGNED MESSAGE-----
Let me clarify my position a bit. I think MIME is great, and PGP/MIME
is great. Both are necessary and I even use them from time to time.
However, I _don't_ use them for most email, by choice, because it
simply isn't useful. Instead, I clearsign everything (and occasionally
encrypt).
With ASCII armored messages, it is immediately obvious to the
recipient that the message was signed or encrypted, whether or not
they have a MIME-capable mail reader. It is also trivial, with few
exceptions, to invoke pgp and decrypt or verify the message, or to
use an sdk and do it internally. Futher, ASCII armored messages can
be shipped off to things that don't understand MIME at all.
I want to be able to send secure email to people who don't use MIME,
that is a very useful feature of PGP in the context of email, and I
don't see any reason at all to not include ASCII armoring in the draft.
There is an awful lot of utility in ASCII armoring, and it would be
unfortunate to "standardize" it out of future PGP implementations.
Especially considering how bloody easy it is to implement, relative
to PGP/MIME.
Dave Crocker / IMC writes:
PGP is about security. All of the wrapping and encoding mechanisms in PGP
were developed because none were available at the time it was first
developed. Things have changed. There are now standards to cover these
requirements. This means that PGP can focus on doing what it needs to do,
namely security, and it need no longer be burdened with assorted baggage
for segmenting and labeling the data or for protecting it against the
vagaries of transport.
Yes, PGP is about security, and requiring PGP users to use MIME mail
readers does not result in an increase in security. Quite the
opposite.
MIME does all that.
Why would you want to perpetuate unique, non-standard ways of doing
something that is both already covered in existing standards which are in
real use and getting more used?
IMO ASCII-armored PGP is not a competing standard on encoding
techniques, rather it is an integral part of PGP and security.
Regards,
Jeremey.
- --
Jeremey Barrett BlueMoney Software Corp.
Crypto, Ecash, Commerce Systems http://www.bluemoney.com/
PGP key fingerprint = 3B 42 1E D4 4B 17 0D 80 DC 59 6F 59 04 C3 83 64
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Processed by Mailcrypt 3.4, an Emacs/PGP interface
iQCVAwUBNHNypy/fy+vkqMxNAQHJRgQAshf3peCjaP5rccFvSfA/zndKUo2d1YAW
FfLL+tyTSExY0hFY3ji6v0tT2E8/3dE3bGVJBv2ZTxM45RAh7laNhfAz61NH+7OB
jAEpcuHaagN+qL9Q6t9AhlHVpxzDTvuyVGgcgGMBGWuTrFdvW02oo+AyEOtYA0ah
5uPGCFOFCQY=
=1lW5
-----END PGP SIGNATURE-----