Given the actual IPS, PEM did the same, by positioning itself as a
MHS subprotocol, over which content protocols such as MIME flow.
The architecture layering however is not changed.
Hmmm. Is this entirely true? PEM does not provide security services for
messages, only for message bodies, since it is forced to rely on the MTS
functions provided by SMTP (which are minimal at best). PEM also implements
functions below the MHS level (such as printable encoding), again to
compensate for the poor MTS services it can rely on. MIME/PEM separates these
levels better than PEM did, by virtue of relying on MIME for the MTS-related
functions.
MIME Security provides a security framework for individual MIME message body
parts, with MIME/PEM providing a superset of the sevices that PEM provides for
ASCII message bodies. I see PEM and MIME/PEM as working on very analogous
levels in this regard. If anything, I think that MIME/PEM separates levels of
represtentation better than PEM did.
Amanda Walker
InterCon Systems Corporation