hal(_at_)finney(_dot_)org writes:
What about S/MIME? It doesn't say anything about what you do when spooling
data to disk in order to calculate a signature on it, does it? Do these people
you know say that S/MIME shouldn't become a standard either?
S/MIME is one-pass, it wouldn't spool anything to disk unless it's badly
written (that doesn't mean it doesn't contain some serious braindamage, like
the ridiculous base64 encoding at each level to bloat up the size and provide
known plaintext for attackers, but forcing you to spool data to disk isn't one
of its problems).
Peter.