Phil Smiley <PLS(_dot_)DSKPO27B(_at_)dskbgw1(_dot_)itg(_dot_)ti(_dot_)com>
writes:
Interoperability. For example, an encrypted message received via e-mail
(under
rfc1421) should be forwardable using MIME without reformatting the message
for
MIME-PEM format. There will be other situations where data will need to be
shared by different applications. Also related to interoperability,
customers
will not accept a proliferation of public keys to support a number of
applications providing similar encryption services.
Here is what I meant to say earlier (sorry about the previous garbled message):
It is possible now to attach an rfc1421 message as a message/rfc822 attachment
to a MIME message. That is the only way I could see forwarding such a message
"without reformatting."
Key management is my greatest concern for the future of PEM. The MUA that I am
implementing keeps messages in its message store with security services still
applied. This is useful for maintaining message integrity and privacy even
from prying eyes on my own system. But what happens when my correspondents'
keys change over time? It seems impractical to retain knowledge of previous
keys indefinitely, yet that is exactly what is required if I am to decrypt
an encrypted mail message that I received 5 years ago. I think I will have to
add an option to my MUA to allow the user to store the messages in decrypted
form.
----------------------------------------------------------------
Dennis Doubleday (dday(_at_)sware(_dot_)com) (404)315-6296 (x62)
SecureWare, Inc. 2957 Clairmont Rd., Suite 200 Atlanta, GA 30329