-----BEGIN PRIVACY-ENHANCED MESSAGE-----
Proc-Type: 4,MIC-CLEAR
Content-Domain: RFC822
Originator-Certificate:
MIICBDCCAY4CAQcwDQYJKoZIhvcNAQECBQAwbzELMAkGA1UEBhMCVVMxCzAJBgNV
BAgTAk1BMS4wLAYDVQQKEyVNYXNzYWNodXNldHRzIEluc3RpdHV0ZSBvZiBUZWNo
bm9sb2d5MSMwIQYDVQQLExpSZXNpZGVudGlhbCBUZWNoTWFpbCBVc2VyczAeFw05
MzA5MTcxNzMyMTlaFw05MzExMTYxNzMyMTlaMIGKMQswCQYDVQQGEwJVUzELMAkG
A1UECBMCTUExLjAsBgNVBAoTJU1hc3NhY2h1c2V0dHMgSW5zdGl0dXRlIG9mIFRl
Y2hub2xvZ3kxIzAhBgNVBAsTGlJlc2lkZW50aWFsIFRlY2hNYWlsIFVzZXJzMRkw
FwYDVQQDExBSb2JlcnQgVy4gU2hpcmV5MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJB
AOXBzjHsVcBQlsEZmglLxlyJzP8mp8+pUmGIbcz/FSo7DRMsHdYBO0qRaRDrdOMv
zgCByCMZEj3zUsQ6h7oFiH0CAwEAATANBgkqhkiG9w0BAQIFAANhAOVCRuDhoLPc
NpZz85oKzMWgD8wZQ/FS06Ma7ysMjYcBxdGPs+eYl0uMs2/Jpm/TVvbq/mFl4KCI
XzLbNxLoNq5506S/ix4tZXEHUjUc8X2RlAgGzdQO0bi5dbLr8zUDmw==
Issuer-Certificate:
MIICBTCCAW4CAQMwDQYJKoZIhvcNAQECBQAwTjELMAkGA1UEBhMCVVMxCzAJBgNV
BAgTAk1BMTIwMAYDVQQKEylNYXNzYWNodXNldHRzIEluc3RpdHV0ZSBvZiBUZWNo
bm9sb2d5IFBDQTAeFw05MzA5MDcxODUwMDBaFw05NTA5MDcxODUwMDBaMG8xCzAJ
BgNVBAYTAlVTMQswCQYDVQQIEwJNQTEuMCwGA1UEChMlTWFzc2FjaHVzZXR0cyBJ
bnN0aXR1dGUgb2YgVGVjaG5vbG9neTEjMCEGA1UECxMaUmVzaWRlbnRpYWwgVGVj
aE1haWwgVXNlcnMweTAKBgRVCAEBAgIDAANrADBoAmEA76aR7AFgJPQU1kYTXOEY
krVMNBx/Ps0Bnd4rU4d+Fc2LbCqzA62mcXgC77N9a4Vvrvw662XS91J0wjaPy52i
YPFWcycmKr1l+4eoEbRsDKh+q2IAcN/bxVh0Cb6aVEXxAgMBAAEwDQYJKoZIhvcN
AQECBQADgYEAVP7uVoNhhfiSnVFBg9V05/ke/GCsLuH1b2+UskKJn60RHUV8bjjg
g7QI2ni+n/Bt2eNyO5HF/VJJiwxNMzhWQf7laO3NQry3tJ0YM2ok7zoE4eokqReg
ATuvJZtT288tUNNPt8EDCDZFzlvpEWJy2TlaLnHKMLfbhvEcDh3KXwI=
MIC-Info: RSA-MD2,RSA,
udAsZkwgOUyguzzZTsAeByv/hl55aZc35FfoARsqsvssKqZHLxDC42T7+UkqbfbS
3aOlYzN6oapF6aToXJ/YKQ==
From the tone of your message, I suspect that my last message
was truncated, and should have been reordered. At the least, it was
misunderstood.
Rather than PGP bashing, I am calling for a harmonization activity.
Here it is again (reordered):
- --------------------------------------------------------------------
Nothing is "wrong" with PGP. However, I don't believe it is as fully
engineered as PEM, not as "complete", nor designed for the long-range
goal of scaling to the size of the Internet and supporting the full
range of Internet applications and users -- academic, government, and
commercial -- in "serious" applications. If PGP was so engineered,
it would have to look like much more like PEM.
What is needed is for someone in the PGP community to produce an
Internet-Draft documenting the PGP design, and explaining why it should
continue to live. That is, what are its non-PEM virtues? (E.g.,
Edward Vielmetti has suggested some reasons.)
Then, assuming enough agree that PGP should live, a way is needed for
PGP and PEM to interoperate. Because I, a "user", refuse to have to
devote resources to the care and feeding of two different email
security systems. Thus, an evolution/convergence plan is
needed.
I may be misinformed, but the following is a my summary view:
(1) We designed and engineered PEM for the long-haul, intending
Internet-wide deployment and use for purposes ranging from personal
mail to bills of lading to filing tax returns. PEM deployment has
been (grieveously) delayed by efforts to establish infrastructure
needed for a system of that scale.
(2) PGP began (apparently) with more modest goals, has or needs not much
infrastructure, has gained a following, but will have trouble scaling.
(3) The systems are so similar in their services THAT IT IS STUPID TO
HAVE TWO OF THEM!
PEM World PGP World
- --------- ---------
RFC 1421 No spec, no engineering for
In short, the "protocol", related protocols.
designed to fit with other
protocols in the Internet
suite and, "eventually", X.400.