I would prefer to go back to the
standard X.509 certificate structure, using used-signed
(self-CA) certificates as necessary until the full blown CA
infrastructure can be deployed.
Please do. The PEM/MIME spec does not exclude this option. In fact,
consider it motivation for doing this. After all, both RFC 1421 and
PEM/MIME are going to exist together for a while. And PEM/MIME gives
you the best of both worlds, IMHO.
I also think that the time is ripe to incorporate the version 3
X.509 certificate, so that it will give us the flexibility to
move forward on these and other potential new issues.
Here here. Let's do this. But FIRST, let's get the PEM/MIME stuff out
the door so we can recharter this working group with new work items,
such as these.
Jim