pem-dev

Re: keyid, and privacy, and interworking

1995-01-06 08:15:00
Peter Williams wrote:

John Linn spoke of the option of symmetric key management, for which no
concept of nonrepudiation of origin services ever existed in PEM. This
no longer exists in MIME/PEM, though represented the same quality of
assurance and procedural ease (with a fraction of the cost) as your
additional key exchange mechanism based exclusively on the reversible
properties of RSA (versus asymmetric ciphers in general contrary to
PEM goals) and trusted keying databases or, perhaps, even a trusted
DNS/Directory! 

Symmetric-key PEM is indeed a simple case to implement, though best
applied below galactic-level scale and indeed not offering the 
non-repudiation services available with public-key technology.  It
is, however, an expedient way to address the goals it can address;
I also recall some discussion on this list a few months back about
definition and use of a symmetric variant based on X9.17. 

RFC 1421 certainly does support manual key distribution, though I'd
appreciate John's input whether 1421 implied the use of manually
distributed asymmetric IKs. Such a concept undermines the identity and
non-disclosure protocol I thought PEM was about - which wouldn't be the
first time I totally misinterpreted something!

In principle, 1421 should neither imply nor preclude this case;
its intent is to support a range of key management approaches.
In practice, it's possible that some details useful to support
this case are missing, since it wasn't an option which was
being actively and visibly pursued.

--jl

