[Top] [All Lists]

Re: Armour

1997-11-21 17:49:22
On Fri, Nov 21, 1997 at 01:27:38PM -0800, Dave Crocker / IMC wrote:
One more time, folks:  If you are using the absence of MIME from some
current usage of email then you are using a fundamentally flawed argument.
MIME is being adopted.  The rate of adoption (i.e., growth in use) is
proceeding nicely.  We are not early in the process, so the assessment does
not represent fantasy.

I don't know if this is the argument, but I am not sure I believe that
it is flawed, in any case.  "Widespread" adoption of MIME is not the
same as "universal" adoption of MIME.  It is quite possible that
"simple" mailers will persist for another 10 or more years. 

In particular, the fact that simple MUA interfaces appear in many many
scripts, cgi programs, and so on virtually guarantees a 10 year 
lifetime.  So think about the following:

        mail $user <$file

Imagine it is embedded in a cgi script, possibly sending a requested 
file to a user.  How do I leave an encrypted file on disk so it can 
be sent?

If you are noting that some use of PGP is, or can be, outside of
environments that use MIME (i.e., not Internet mail and not the Web), then
you are right that they would have to add MIME support to work.  What you
are missing is that MIME has become the standard way of solving such
packaging, labeling and protecting requirements for the net.  

The claim is that PGP has uses independent of the net [so IETF
standardization?] -- that is, independent of the problem of
transmitting data securely over the net; and it really may be that
MIME is not the best way to support *those* uses. 

I am not an expert in either MIME or PGP, so I may just be blowing
smoke.  But perhaps there may be some actual technical issues here. 

In particular, what format would MIME leave encrypted files on disk so
my above simple archaic email example would work?  How well does MIME 
work with stored objects?  How does the MIME standard actually deal with 
stored objects?

Here's another use for ascii armor -- suppose I want to send an 
encrypted file via email and I *don't* want it to be automatically 
presented for decryption?  How do I instruct PGP to produce such a 

Kent Crispin                            "No reason to get excited",
kent(_at_)songbird(_dot_)com                    the thief he kindly spoke...
PGP fingerprint:   B1 8B 72 ED 55 21 5E 44  61 F4 58 0F 72 10 65 55

<Prev in Thread] Current Thread [Next in Thread>