I certainly agree with you there. My only lingering question, which
you are helping to resolve, is whether it would be better to
make reasonably modest improvements to the basic PEM, taking advantage
of the new features provided by version 3 of X.509 to overcome some of
the previous difficulties, or whether it would be better to fix
those elements of PEM/MIME which appear to have some problems, and try
to integrate signatures, encryption, complex object management, and
the public key infrastructure
Aha. This is precisely where I think MIME/PEM is a step forward. Classic PEM
made assumptions about the content it operated on, while MIME/PEM makes far
fewer, thanks to MIME. It also, by removing the requirement of using X.509
certificates rooted in the IPRA (which itself was only quite recently set up),
or in fact of using X.509 at all, removes key infrastructure concerns from PEM
itself.
MIME/PEM, by my reading of it, narrows the focus to just one of
representation, algorithms (though even this is open-ended), and how to
construct MIME objects which contain content, encrypted content, and/or
signatures. It leaves the object management to MIME or other, higher-level
mechanisms, it leaves key infrastructure as a separate problem, and it brings
privacy enhanced mail into representational parity with cleartext mail.
and eat the whole pig all at once, as it were.
To the contrary; I think that it pushes the whole pig aside and says, "why
don't we just eat this pork chop to hold us over until the whole pig is done?"
MIME/PEM is attractive to me precisely because it doesn't try to solve
everything at once; it just puts a stake in the ground where we have reached
substantive agreement.
The proposal as it stands may have some lingering ambiguities, to be sure. I
would strongly prefer to work on them and get it out the door than to keep
trying to widen its scope, however important the wider scope may be.
I'd be shipping PEM software right now into mass-market channels if I had a
standard that coexisted workably with MIME. This is of far more than academic
concern to me. Policy models can come later, as far as I am concerned. I
want the cryptographic and representational issue nailed down now, since I see
substantive agreement at that layer.
Amanda Walker
InterCon Systems Corporation