The problem is that the client does not want to download the object at all,
either because they only want to look at a particular body part and the
entire message is encrypted (Cyrus' example) or they wish to forward the
message without downloading it to their client.
-----Original Message-----
From: pgut001 [mailto:pgut001(_at_)cs(_dot_)auckland(_dot_)ac(_dot_)nz]
Sent: Saturday, March 12, 2005 10:34 PM
To: eburger(_at_)brooktrout(_dot_)com; ietf-openpgp(_at_)imc(_dot_)org
Cc: gparsons(_at_)nortelnetworks(_dot_)com
Subject: Re: Split Implementations of PGP
Eric Burger <eburger(_at_)brooktrout(_dot_)com> writes:
So, the question is, are there implementations of PGP where one can:
1. Extract the encrypted session key from the PGP-encrypted object
2. An API for handing over the encrypted session key and the
client key,
returning the clear session key (this would run on the
remote client).
3. An API that takes the clear session key and the
PGP-encrypted object and
returns the cleartext object.
Why not have the client decrypt the session key, re-encrypt
it with the
server's public key, and send it back? Any version of PGP
supports this, and
it solves the difficult problem of "an API for [...] the
client returning the
session key".
Peter.