I also agree with Bob and feel that the impact of this new PEM-MIME
standards on vendors who have or were going to incorporate the
classical PEM into their products would be more severe than the
benefits of integrating security into MIME. In other words, even if
the two RFCs co-exist, it would make the vendors think twice before
investing resources to incorporate any form of PEM into their
products. Obviously those who have started will suffer too. But then
the PKCS folks should be happy :-)
We haven't seen any input from vendors saying this. Is there really some vendor
out there that has come to such a conclusion, or is this just a theoretical
argument.
Speaking as vendor, I come to exactly the opposite conclusion. I need MIME/PEM
because classic PEM simply was not a viable option for my product. At least
three other vendors I know of have reached similar conclusions.
Ned