From pem-dev-request(_at_)magellan(_dot_)TIS(_dot_)COM Thu Feb 10 17:39:04 1994
Summary.
By using a self-signed certificate in the Originator-Certificate
field and using the new Recipient-Key-Asymmetric field, the PEM
model can be extended to support privacy enhanced mail without
the need for a pre-established certificate hierarchy.
The PEM software I have written already supports this kind
of out-of-band bilateral key agreement (using self-signed certificates),
in order to support small groups of PEM users. RFC 1422 does a
great job of defining a trust model for large groups of users and
doesn't say much about a small group of users. Most things large start
out small, however.
Ashar.
PS. [Soon as the legal folks clear this, I will be making
the prototype software freely available over the Internet, with the
usual disclaimers, of course; hopefully through RSADSI's
anon server. I have verbal agreement from Sun management for this.
This is PEM software with GUIs for Sun sparcstations.]