On 1/04/2015 19:57 pm, Stephen Farrell wrote:
It would also really help me (and I suspect others) evaluate
messages if you could say something about how you fit into
the openpgp universe ...
In the period 1995-2002 approx I managed a team called Cryptix which
produced Java & Perl implementations of PGP 2 and then OpenPGP. This
was originally written to support a payments system that based its
crypto/security packets on PGP. (Sometime around 2012 I replaced the
Cryptix & OpenPGP with a custom cut-down internal design I call SKF for
SOX Key Format.)
option 4: move beyond openpgp (or smime) to develop a new
flavour of end-to-end security for interpersonal messaging,
possibly not that tightly coupled to email, but at least
supporting an email flavour
...
option 4t: option 4 + add some trust model/key management
Option 4t is what I would favour.
The reason being that I have since replaced all the direct OpenPGP code
with my own design, because it's more efficient (lean, easier to hack),
and it meets the needs of the late 2000s identity concept I work to. I
wouldn't go backwards but I could possibly go forward to a newer
design/architecture that incorporated much of the new knowledge.
And, say options 3t or option 4 is also possible to a lesser extent.
iang
_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp