pem-dev
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: summary of technical issues

1994-12-23 16:51:00
from [Ned Freed] [Permanent Link] 
From: Ned Freed <NED(_at_)sigurd(_dot_)innosoft(_dot_)com>
Subject: Re: summary of technical issues
Date: Thu, 22 Dec 1994 17:02:56 -0800 (PST)



We want things to interoperate. This means restricting ourselves to some 
subset
of the available solutions, even when that subset doesn't always offer the 
best
performance, use of available bandwidth, or whatever.



Ned, as a designer, you argue this quality designer's line for the MIME
and SMTP issues, but for PEM issues evidently, through your support for
the current MIME/PEM concept, wish some users to have a public-key key
distribution system which will not even attempt to engender
interoperability with others who also claim and desire to support the
same basic PEM privacy service.


Excuse me? I don't see any interoperability problems within the present scheme.
If there are interoperability problems I'd like to hear what they are.


This is contrary to the fundamental service and scaling goal, I claim.
In my most humble and ignorant opinion, I suggest we cannot afford to
sacrifice the privacy notion or the goal of actually scalable privacy.


Well, as a rule I try to stay out of the discussion of key distribution and
trust part of all this. I know a lot about MIME and I try to stick to that.

As such, it may be my own stupidity talking, but little if any of this makes
any sense to me at all. I don't see what has been sacrificed since the classic
PEM model has been retained as a subset in the MIME-PEM work.


I also suggest that other and more accomplished designers than are
present on the TIS/PEM team put work into the PEM design, and their
judgements are not to be just discarded just to accomodate the
innovative MIME work, as-is. I continue to believe that the Internet is
not served by even 100,000 pockets of satisfied MIME/PGP users.


The multipart security work lays the foundation for security services in MIME.
The MIME-PEM work simply builds on that foundation. All sorts of other services
could be built on the same foundation. I therefore don't see how what you call
the "innovative MIME work" has or could cause ANYTHING to be discarded.


This view and understanding is clearly represented in reality by the
fact that MIME/PEM will go one way, and PEM another within the IETF.  I
suspect they will merge later on, once the Web angle is brought into
play; and this will be the major harmonising influence I guess. PEM and
MIME/PEM are clearly very much alive and kicking away at some very
hard, common problems. The WG spoke this, and so spake the mailing
list.


At this point I think a far more likely outcome is that all this work will be
relegated to the dumpster. I can only reiterate Dave Crocker here and say that
we are very late and it is getting later. Every passing day makes both PEM and
MIME-PEM more and more problematic. Soon this entire discussion and Working
Group may be moot.


Now consider some emerging commonality of direction and trend.


In order for something to emerge there has to be closure.

                                Ned
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Key selectors (Was: Re: unpublished public keys ), Ned Freed
Next by Date:  Re: Key selectors (Was: Re: unpublished public keys ), Jeff Thompson
Previous by Thread:  Re: summary of technical issues, Peter Williams
Next by Thread:  Re: summary of technical issues, vitor
Indexes:  [Date] [Thread] [Top] [All Lists]