pem-dev

Re: PEM and MIME

1992-04-16 09:03:00

I don't consider myself a detailed MIME expert, but informal
conversations at the San Diego IETF suggested two desirable coexistence
properties that would hold without changes to the PEM specifications:
(1) that PEM body parts can be accommodated within MIME-structured
messages and (2) that MIME-structured messages can be protected (in
their entirety, though at the cost of redundant encoding) using PEM.

As a party to some of the informal discussion in San Diego, there was a
third option: using the labeling and encoding framework of MIME to mail PEM
objects. PEM and MIME use the same base 64 encoding mechanism.
This allows a small level of harmonization without greatly changing PEM
itself. Because MIME allows the transport of arbitrary binary
documents, there is a possibility that PEM can be defined in such a way
that the unencoded encrypted message can be carried "raw" in MIME.
This is useful to systems which perform "local" delivery where there are
no 7 bit restrictions.

I understand that a PEM message is as much a stand alone "object" as it
is a mail message, and so to make PEM in any way dependent on a "Mail"
standard is undesirable. As is, all PEM headers are part of the
"body" and appear to be protocol independent. To use PEM with MIME
efficiently and take advantage of the built-in encodings, the "object"
should be defined in terms of the binary object, not the base 64 encoded
version.

To efficiently fit PEM into the MIME model, what this third
possibility entails is changing the definition of the "object" from one
which is encoded in base 64 to one which is unencoded.

To mail a PEM "object", you can specify the use of MIME. This does
not imply that one must implement all of MIME to send or receive a PEM
document. A minimal specification for PEM to make it MIME compatible
is the following.

Mime-Version: 1.0
Content-type: Application/PEM
Content-encoding: base-64
  
I believe that with these headers in place, the actual included body will be 
exactly the same as is currently specified.  The model may be changed slightly, 
but the result is the same. 

By using the model that a PEM "object" is raw binary, and using the
MIME framework for sending that "object", you

        1) gain the ability to automatically detect a PEM message using
                soon-to-be-standard mechanisms
        2) re-use lots of code should you decide to implement full-mime later
        3) reduce local storage requirements to hold a PEM "object"
        4) leave open the possibility of efficiently using a "binary"
                mail system should one arise in the future.


Greg Vaudreuil
Chairman, Internet Message Extensions Working Group.
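
Added example, not part of the original message: a Python sketch of the model described above, where the object is raw binary and MIME headers supply the label and the transfer encoding. Assumptions: the object bytes are constructed sample data, `wrap`, `unwrap` and `is_seven_bit` are hypothetical helper names, and the encoding field is written `Content-Transfer-Encoding: base64` as in published MIME rather than as spelled in the message.

```python
import base64
from email.parser import BytesHeaderParser

PEM_TYPE = "application/pem"  # label proposed in the message; compared case-insensitively

# Constructed stand-in for a raw, unencoded PEM object: every byte value, so it
# contains 8-bit data and bare CR/LF that a 7-bit mail path would not carry.
SAMPLE_RAW = bytes(range(256)) * 3

def wrap(raw: bytes, binary_path: bool = False) -> bytes:
    """Label a raw object for mailing; base64 unless the path is 8-bit clean."""
    if binary_path:
        encoding, body = "binary", raw
    else:
        encoding = "base64"
        body = base64.encodebytes(raw).replace(b"\n", b"\r\n")
    head = ("MIME-Version: 1.0\r\n"
            "Content-Type: Application/PEM\r\n"
            f"Content-Transfer-Encoding: {encoding}\r\n\r\n")
    return head.encode("ascii") + body

def unwrap(message: bytes):
    """Return the raw object, or None if the message is not labelled as PEM."""
    head, _, body = message.partition(b"\r\n\r\n")
    headers = BytesHeaderParser().parsebytes(head + b"\r\n")
    if headers.get_content_type() != PEM_TYPE:
        return None  # detection relies on the label alone, not on body sniffing
    encoding = headers.get("Content-Transfer-Encoding", "7bit").strip().lower()
    if encoding == "base64":
        return base64.b64decode(body)
    if encoding == "binary":
        return body
    raise ValueError(f"unexpected transfer encoding: {encoding}")

def is_seven_bit(message: bytes) -> bool:
    """True when every octet is safe for a 7-bit transport."""
    return all(b < 128 for b in message)

if __name__ == "__main__":
    mailed, local = wrap(SAMPLE_RAW), wrap(SAMPLE_RAW, binary_path=True)
    # raw size, size on a binary path, size when base64-encoded, 7-bit safety
    print(len(SAMPLE_RAW), len(local), len(mailed), is_seven_bit(mailed))
```

Both paths return the same raw bytes, so anything computed over the object is independent of how it was carried; only the base64 form is safe on a 7-bit path, at roughly one third more size.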
