ietf-openpgp
[Top] [All Lists]

Split Implementations of PGP

2005-03-11 10:11:19

Background:
I am a co-chair of the lemonade work group in the IETF
<http://www.ietf.org/html.charters/lemonade-charter.html>.

One thing we would like to do is enable a remote client to fetch the
encrypted session key from an IMAP server, decrypt the key using the
client's key, and then handing back the clear session key to the IMAP server
to decrypt or verify a message or body part.

So, the question is, are there implementations of PGP where one can:
1. Extract the encrypted session key from the PGP-encrypted object
2. An API for handing over the encrypted session key and the client key,
returning the clear session key (this would run on the remote client).
3. An API that takes the clear session key and the PGP-encrypted object and
returns the cleartext object.

Note that this is different from the normal case of an API that takes the
client's key and the PGP-encrypted object and simply returns the cleartext
object.

We have heard from the S/MIME community that there are API's that allow this
functionality over S/MIME.

Thanks.


<Prev in Thread] Current Thread [Next in Thread>