What's broke: The term "privacy enhanced mail" emphasizes the privacy
aspect of PEM and does not mention integrity or authentication. I
also find the use of "enhanced" a bit strange stylistically.
The fix: The acronym is useful, so working within the acronym, the
term Protected Electronic Mail (or Protected E-Mail) fits nicely.
Steve's right. The reason why PEM hasn't been adopted more widely is that the
name is all wrong. :-)
I've thought about this a great deal, and proposed and rejected several
alternatives. The first was Privacy Integrity Guaranteed (PIG). We could also
rename PGP Privacy Integrity Guaranteed Lightweight Encryption Transport
(PIGLET). but that might offend someone, and give rise to a lot of pig jokes.
We already have a PING, but Privacy Optional Nonrepudiation Guaranteed (PONG)
has a nice ring to it. Of course, if some folks have their way and insist on
using DNs that don't correspond to real people and therefore don't provide a
basis for real nonrepudiation, we could have Privacy And Nonrepudiation Gamble
(PANG).
However, the new version will presumably fix all of the problems of the old
one. I therefore humbly suggest that it will be a true panacea, and should be
recognized as such with an appropriate name:
Privacy
And
Nonrepudiation
Anonymous
Communication
Encryption
Applique
Bob
Robert R. Jueneman
GTE Laboratories
40 Sylvan Road
Waltham, MA 02254
617/466-2820
Jueneman(_at_)GTE(_dot_)COM