Peter,
I'm very interested in understanding your message fully, but your
references to undermining the goals of the working group are not erxplicit
enough for me. Can you elaborate a bit? Let's leave aside the question of
whether ARPA and/or TIS is pursuing private goals; we can discuss that
later.
In our proposed integration of MIME and PEM, we've articulated multiple
goals. The syntactic integration of authentication and confidentiality
services into MIME has been a key objective, of course, but we have also,
quite explicitly, pursued two other goals in the process. These two goals
are:
1. Open up the naming system to accommodate methods of identifying subjects
other than X.509 distinguished names. This particularly includes the use
of email names, but also includes the options of using nothing more than
the subject's public key.
2. Open up the trust models to include more than one hierarchy and/or
non-hierarchical models. PGP's web of trust model is not supported
directly, but the buildihng blocks are pretty much there.
Both of these goals are motivated by experience with PEM without reference
to MIME. To put it another way, even if MIME did not exist and there were
no pressure to change the material in 1421, these two goals would still
exist. Similarly, except for the difficulty of finding a palatable way of
encoding an email name into an RDN, these goals have little to do with ISO.
Both of these goals are fundamental conceptual changes to the naming and
trust models. In this sense, the title "MIME-PEM integration" does not
encompass the full breadth of the goals of our proposal. I think,
however, that we have made it clear what these goals have been at each step
in the discussion.
If these are the goals you're referring to when you suggest we're
undermining the goals of hte working group, then I agree this needs careful
discussion.
Steve
--------------------
Steve Crocker
CyberCash, Inc. Work: +1 703 620 1222
2086 Hunters Crest Way Fax: +1 703 391 2651
Vienna, VA 22181
crocker(_at_)cybercash(_dot_)com