>The only suggestion that I have for the multipart stuff is that
>of distributing key data. i.e. putting the key data in as an
>optional third body part.
What's your feeling about using the MIME multipart mechanism to
transmit both a MIEM-PEM message and key data instead of
extending the security multipart? In symbolic terms, taking a
bit of license with terminology, the comparison between what
exists and what you're proposing is something like:
mp_mix(mp_sec(app_enc(M),app_keys(K)),app_keydata(KK)) vs
mp_sec(app_enc(M),app_keys(K),app_keydata(KK))
Or, how about:
mp_sec(app_enc(M),mp_keys(app_keys(K),app_keydata(KK)))
Hey?! But wait.
Doesn't that mean the proposal already on the table is the simplest case
and it provides an excellent building block for getting implementation
experience with all these options?
I vote we go forward with the security multiparts document as proposed
and explore these other, interesting possibilities, separately and later
(as in after publication).
Jim