Yes there should be interoperability but that does not mean that the protocol
is going to mandate BASE-64 encoded lossage. The protocol will not work
unless
the line is 8-bit clean period. The PEM encapsulation mandates restriction to
7 bit. Thus when using S-HTTP the prefered mode is PKCS-7. PEM and PGP are
optional.
Well, we started off with "We should have interoperability at the key
certificate level ... But the idea that there should be a common encapsulation
is simply wrong." and now we have interoperability but not necessarily BASE-64
encoding. Is there possibly a common ground after all?
At this point, a good question might be "What does secure http require that PEM,
MIME-PEM, ... does not provide?" I don't mean "what are the differences in
implementation", rather what would have to be added to support shttp?
Unless there are attributes in the certificate that ca be used to limit its
validity they are inappropriate for use on the Web.
Similar question, what are those attributes? What would be required?
Whats a mere 250,000 users anyway I'm more worried about the other 95% of the
population. :-)
What 250,000 users? Do you mean the population of the U.S.? If so, you missed
by a few orders of magnitude. Did you compose your response on a Pentium
machine? :-)
On a serious note, many countries have import restrictions on encrytpion as
well. This will likely affect your download scenario.
Phil Smiley