There continues to be disharmony between some of the mailing list
participants on the subject of what PEM is, or is not; what services
must or may be provided.
The standard-track requires a number of engineering conditions for the
promotion of PEM RFCs to draft standard, and Internet standard status.
These include evidence of consensus, and the adoption by
implementations external to the formal working group members of all the
fundamental tenets of the design, including all manadatory features.
The key distribution protocol of PEM is mandatory, for implementations
of PEM, or any product claiming conformance to PEM. The asynchronous
key management and related distribution features are however optional as a
complete functional group, it might be noted.
Steve Kent is correct to insist on conformance to all specified
features and technicalities of both the identity and key distribution
protocols stated in the specifications, for implementations which claim
conformance.
We should, a joint working group and IETF mailing list community, aim
to demonstrate via this media and ny other means that the conditions
for specification promotion are being met. (This objective has been a
goal of all our own submissions concerning PEM specifications for some
time.) Thus it is valid to ask people who make statements to classify
their participation in terms of their contribution to the goal. Vendors
are one very important group; but their purely market-driven
perspective is only of the fators which make a given Internet protocol
successful.
PEM now requires the participation of independent vendors. Vendors
will of course attempt to match the deployent of PEM to the needs of
their customer base. However, vendors who are seeking to exploit PEM
must adopt all its assumptions and mechanisms. They must not challenge
the very technology they are seeking to exploit; they may deploy it
however they wish. A service should only be named PEM, or include PEM
in the literature material, if it conforms to the protocol to the
greatest extent possible.