After reading the latest batch of correspondance, I'm depressed.
PEM works doesn't it?
but the tie in with X.500 might be the straw that breaks it's back..
There will always be many different directory systems apart from X.500
So whilst PEM certs might be able to be put into X.500 systems, should
it be a requirement?
I can see that a site like ours will NOT have all mailable entities in
our X.500 directory. (Our Admin lawyers do not want students in our directory)
I need signed email now! ( just having to sort out a major bout of email
spoofing).
although PEM uses digital signatures, it isn't the only way and things like
EDI and other potential uses of PEM are not really part of the PEM system
they already have digitally signed info and nested signed documents
have no extra meaning. (What I am trying to infer is that other uses of
digital signatures that might be used with PEM are not part of PEM and therefore
don't need to have their problems solved before PEM hits the streets)
Deployment of PEM will be greatly eased once the PEM-MIME stuff is resolved
since most mail/news agents now in use understand MIME. So adding PEM does
not require any major effort. (assumes that the PEM-MIME stuff does not need
to extend MIME to far).
I have seen awareness articles in the computer press about PGP but not much
about PEM.
Pete.