At 12:55 PM 10/22/93 -0600, Brad Huntting wrote:
If the difference refers "only" to the semantics of the certification,
but not to the bits and bytes of algorithms and functions, then there can
be a bridge between the two. Why not cross-certifying the (semantically)
different worlds and leaving it to the users to interprete the meaning
of the certification paths?
Alas, there is an algorithmic difference. PGP uses IDEA with 128 bit
session keys. There is currently no way to specify alternate
per-session encryption algorithms in the protocol. IMHO this needs to
be addressed in the next revision of the protocol.
brad
Acutally, I believe it is a little worse/different than that. I provide
the following because I believe that some major PGP "principals" have never
read the PEM standards documents.
PEM World PGP World
--------- ---------
RFC 1421 No spec, no engineering for
In short, the "protocol", related protocols
designed to fit with other
protocols in the Internet
suite and, "eventually", X.400.