pem-dev

Re: comment on relay/MLA authentication

1994-12-28 22:36:00
Given the actual IPS, PEM did the same, by positioning itself as a
MHS subprotocol, over which content protocols such as MIME flow.
The architecture layering however is not changed.

Hmmm.  Is this entirely true?  PEM does not provide security services for
messages, only for message bodies, since it is forced to rely on the MTS
functions provided by SMTP (which are minimal at best).  PEM also implements
functions below the MHS level (such as printable encoding), again to
compensate for the poor MTS services it can rely on.  MIME/PEM separates these
levels better than PEM did, by virtue of relying on MIME for the MTS-related
functions.

It most certainly is NOT true, especially given what happens when MIME and
non-MIME-aware PEM systems attempt to interact. Terrible things can happen in
this case. (MIME is actually better than almost every other proposed
encapsulation protocol in terms of its tolerance for this sort of stuff. Look
at what happens when PEM and RFC1154 interact without knowledge of each other,
for example.)

MIME Security provides a security framework for individual MIME message body
parts, with MIME/PEM providing a superset of the services that PEM provides for
ASCII message bodies.

Not quite true. MIME/PEM restricts the application of PEM to entire objects.
Classic PEM has no such restriction.

I see PEM and MIME/PEM as working on very analogous
levels in this regard.  If anything, I think that MIME/PEM separates levels of
representation better than PEM did.

Speaking as someone who has tried to integrate classic PEM with MIME, MIME/PEM
is a vast improvement.

                                Ned
