Re: [openpgp] Can the OpenPGP vs. S/MIME situation be fixed?

On Fri 2016-07-01 09:33:04 -0400, Hanno Böck wrote:
> IMHO a big problem with e-mail encryption is that there are two
> competing "official" standards: OpenPGP and S/MIME. Both are RFCs, so
> both have a kinda "official" IETF approval.
> I think it was a big mistake to create two competing standards in the
> first place, but that was back in the 90s. So we may ask if we want to
> live forever with this situation or if it can be fixed.
I agree with Hanno that this is a real concern, but we're currently
chartered with a simpler goal: revising the OpenPGP standard to use
sensible modern crypto going forward.  If we can do that well, then i'd
be all for thinking about a PGP/MIME update also, but i'd rather not
hold up 4880bis on this.

I think we should be clear about what it would take to do what you're
proposing; there are two main angles:

* certificate interoperability (OpenPGP certs vs. X.509 certs)

* message interoperability (PGP/MIME vs. S/MIME)

We should avoid foreclosing either form of interop with 4880bis, and if
simple modifications to 4880bis point the way toward easier future
interop without bogging down the process, including them would be fine.
But anything that obstructs or delays the goals of the charter should
probably be put off for future work.

(and remember: if we sort out 4880bis rapidly, "future work" doesn't
have to mean "the far future" -- let's show that we can get a
straightforward 4880bis done this year or early 2017 at the latest!)

      --dkg

signature.asc
Description: PGP signature

_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp