>From: schneiw(_at_)darmstadt(_dot_)gmd(_dot_)de (Wolfgang Schneider)
>Subject: Re: DSS Key distribution
>Date: Fri, 22 Jul 1994 20:09:15 --100
>> How are these implementations performing key distribution,
>> content security and confidentiality, and token covering?
>
>Our PEMWithDSS is for test only. The user has a DSA key pair for
>signing and verifying, and an RSA key pair for DEK distribution.
I have to say Im increasingly impressed with the MIME world; it does
work, clearly, and has begun providing me personally with an integrated
ftp/gopher/email information management process through a MIME-enabled
UA. I nowadays fail to be able to read about 30% of Internet mail, but
the other 70% is certainly more functionally-enabled than with previous
deployments.
So, on reading the latest MEP I-D, one has to note that the building of
privacy services upon a signature service has been dropped - versus the
competitor and much simpler PEM RFCs. A claimed advantage is that
different services may use different key sets, and (logically)
different algorithm suites. This is perfectly in consort with your
current approach, though it really assumes the MEP spec's functionality
and authentication-oriented design.