Re: limitations of mime-pem transformation

I like to think of content as the part that is filled 
in with variable quantities that are likely to vary on per-check 
basis, e.g., payee, amount, date, signer, etc.  Anything printed on 
the check in a permanent fashion, like a multi-signer requirement 
for checks above a certain value, strikes me as not content.


I still think that this is a hedge (and I note your use of "likely" above).  
As an extreme example, let me describe by own checks.  They are printed on 
green safety paper, and have the following items printed on them: a check 
number in the upper right corner, the name of my bank & its interbank number 
printed in human-readable text, and a MICR encoding on the bottom with the ABA 
routing code, my account number, and the check number.  That's it.  And, in 
fact, this is a legal check, even if all I fill out are the payee, amount, 
date, & signature.  Everything else, including my address block and any 
restrictions I might place on the check (such as a validity period) may vary 
from check to check, and are interpreted by the recipient of the check, not 
the check processing system.  As a result, I think of them as content.

I think this is coming down to the difference between mechanism and policy 
again.  They are both essential to the operation of a system, but it's 
important to keep them distinct.  In my check example, the MICR encoding is a 
mechanism; interpretation of the content, including restrictions placed on the 
face of the check, is policy.  In fact, even the date, signature, and payee 
are interpreted by policy, since most banks will happily redeem post-dated 
checks, or checks with a different payee, or even checks without a signature.  
The only variable field that is not interpreted according to policy is the 
amount (which, *not coincidentally*, is the only field that gets MICR-encoded 
onto the check)...

Mechanism applies to semantics that are universal; policy applies to semantics 
that are context-dependent.  As I see it, the cryptographic and transport 
mechanisms in PEM are the mechanisms; they are not in dispute.  Policies such 
as certification, assurance, and non-repudiation are built on top of the basic 
cryptographic and transport mechanisms.


Amanda Walker
InterCon Systems Corporation

<Prev in Thread]	Current Thread	[Next in Thread>
Re: limitations of mime-pem transformation, (continued) Re: limitations of mime-pem transformation, Peter Williams Re: limitations of mime-pem transformation, Steve Kent Re: limitations of mime-pem transformation, Ned Freed Re: limitations of mime-pem transformation, Steve Kent Re: limitations of mime-pem transformation, Ned Freed Re: limitations of mime-pem transformation, Steve Crocker Re: limitations of mime-pem transformation, Steve Kent Re: limitations of mime-pem transformation, Amanda Walker Re: limitations of mime-pem transformation, Steve Kent Re: limitations of mime-pem transformation, Ned Freed Re: limitations of mime-pem transformation, Amanda Walker <= Re: limitations of mime-pem transformation, Steve Kent Re: limitations of mime-pem transformation, Ned Freed Re: limitations of mime-pem transformation, sandy Re: limitations of mime-pem transformation, Peter Williams Re: limitations of mime-pem transformation, sandy Re: limitations of mime-pem transformation, Amanda Walker Re: limitations of mime-pem transformation, Steve Kent Re: limitations of mime-pem transformation, Amanda Walker

Previous by Date:	Re: limitations of mime-pem transformation, vitor
Next by Date:	Re: limitations of mime-pem transformation, Steve Kent
Previous by Thread:	Re: limitations of mime-pem transformation, Ned Freed
Next by Thread:	Re: limitations of mime-pem transformation, Steve Kent
Indexes:	[Date] [Thread] [Top] [All Lists]