On 08/10/2007, Ian G <iang(_at_)systemics(_dot_)com> wrote:
Well, like I say, the spec has to stop somewhere.
The spec for a single message should only define how a single message
is structured, I agree. No complaints with RFC2440 in that regard.
But...
Well, no, the spec stops before the application level.
Applications will need to do some extra stuff there, and if
GnuPG creates a format that can't be read by PGP Inc's email
program, then that's an app issue.
... if 2 apps supporting the same standard (and I mean OpenPGP in its
wider sense, not just RFC2440) which support the same set of
algorithms and suitable keys, can't actually talk to each other, then
I'm not sure what the point of the standard is.
The analogy would be if we'd defined the format of a SMTP mail
message, but left it up to individual developers as to how 2 mail
servers actually talked to each other. ("oh, that's just an
application issue....")
Applications do have that issue to deal with, yes.
E.g., PGP Inc's email program can't read the messages in
Jabber's chat implementation of OpenPGP ... but that's
because it can't read chat, and Jabber clients can't read email!
By current rules, 2 Jabber clients which both support OpenPGP wouldn't
necessarily be able to talk to each other unless they use the same
implementation....
Rachel