Derek Atkins <warlord(_at_)mit(_dot_)edu> wrote:
I like most of it, but I'm not sure I like the way multipart/encrypted
is done. In particular, I don't like how the DEK information and the
message are separate -- when the message is encrypted, they are
integrated parts, you cannot separate them, so why put them in
separate MIME parts? It's not like MIME can do anything without
decrypting the data first, right? I would think that it would behoove
us to put the KEY DATA and the Encrypted Data in the same mime-part.
Don't forget that multipart/security is generic. PGP decided to have one
self contained block (not quite self contained actually since the keys are not
included, only the keyID). But this should not be mandatory in a generic mime
format. Also, while working on integrating exmh and pgp, I noticed that if you
want to decrypt a PGP block in batchmode, you need to know which key to use in
order to know which password to send. Hence some easily externally accessible
information on what keys can decrypt the thing is useful. Of course, a simple
parameter containing the list of keyIDs is sufficient for PGP, but don't forget
the multipart/security is not designed for PGP exclusively, just as it's not
designed exclusively for PEM. The duplication of information is due to PGP
bundling it with the encrypted data, rather than to multipart/encrypted :-)
Peter Williams <williams(_at_)atlas(_dot_)arc(_dot_)nasa(_dot_)gov> wrote:
(a) did it facilitate forwarding, with all modes of message security
Nope. It didn't deal with the problem of figuring out what exactly to sign
and what exactly to encrypt. Mainly because PGP tries to deal with it itself.
(b) did it support list explosion, with all modes of message security
Probably not (I don't exactl what you're refering to, tho)
(c) did PGP change in any way, in integrating with MIME
Nope !
(d) can PGP used in this mode to protect (recursively) MIME messages
the format was trivial: an application/pgp part would contain a PGP block
(PGP generates "self contained" blocks) which could either be some text (for
compatibility with other wild uses of PGP in mail), a mime part or some keys.
Of course, the enclosed mime part could contain a nested application/pgp part.
(e) was it easy to integrate with MIME handlers
Yes, as long as you didn't have to be fancy !
(f) did multiple signature issues arise in practice?
PGP doesn't know about multiple signatures (you can of course do it by signing
an already signed message, tho)
(g) how did the MIME versus non-MIME issue go?
It didn't. The MIME format was just an encapsulation of the standard format.
(as if you had a message/rfc1421)
Stefan