[Top] [All Lists]

Re: Armour

1997-11-21 16:15:19

At 05:32 PM 11/20/97 -0800, Jon Callas wrote:
PGP objects (messages, keys, files, etc.) are constructed so as to not have
a lot of known plaintext in them. Whatever your opinion is about this, it's

Actually, the "bracketing" aspect of armouring is specifically about adding
known plaintext, so that the boundaries of the PGP data can be detect.
But, as you say, we digress...

Most of the present key servers, from the HTTP ones to the LDAP ones
transport their keys in armored form. The idea that the key server has to
have a MIME handler in it seems silly.

The web already supports MIME.  What seems REALLY silly is making it
support an additional mechanism for accomplishing the same functions.

People have been tending to refer to this debate as having to do with MIME
for email.  While it does include that, it's important to think larger.
MIME has become the Internet standard mechanism for wrapping 'documents'.
Not just for email.  

Again I would like to remind people that this debate is really about the
question of having PGP properly integrate into the Internet standards data
architecture or whether it wants to remain an independent effort (which one
might call a 'wart on the side' but that would sound more dismissive or
condescending than I really intend.)  

PGP objects are not just mail messages. Any data-thingie that you want to

That's correct.  They need to be MIME objects and MIME isn't just email.

encrypt can be put into PGP format, and if you don't trust raw binary,
armor works. Let me say this again, OP is *NOT* an email-encryption
standard, it is a data-object encryption standard (I'm quoting our esteemed

Right.  And MIME is a data packaging, labeling and protecting standard.
Each should try to focus on their own topics and not do the work of the other.

There are people who want to put PGP, especially OP, especially a
minimalistic OP into a number of limited environments -- pagers, PDAs,
smart cards (which are still a few years off, as they are *really*
limited). These people need to have a minimal set of things to implement.

If you think that these object will not already be doing MIME, you need to
look more closely into their product plans.

I think that it is wrong to make MIME a MUST feature. It is obvious to me

See above.

Dave Crocker                                          
Internet Mail Consortium                               +1 408 246 8253
675 Spruce Dr.                                    fax: +1 408 249 6205
Sunnyvale, CA 94086 USA              info(_at_)imc(_dot_)org ,

<Prev in Thread] Current Thread [Next in Thread>