On Fri, 13 Jan 1995, Robert W. Shirey wrote:
Bob,
My understanding, which may be out of date, is that last year Jeff Schiller
had in hand a rough, RFC-style draft of a PGP spec; and that he was
awaiting some clean up blessing publication as an I-D.
Jeff (or the spec author),
How's about another interested party ...
Last May Nathaniel Borenstein put forward a draft informational rfc that
defined a MIME content type, 'application/pgp', which he'd coauthored with
Phil Zimmerman and Colin Plumb of PGP fame. Recently Nathaniel announced
he was withdrawing from the project due to time pressures and wasn't
recommending furthering the progress of the document. A number of people,
including me, had expressed doubts about the proposal and he'd come to
agree with so of the concerns. I've been working since the Dec. IETF to
restart the MIME/PGP effort with the somewhat naive plan of fitting PGP
into the multipart/signed-multipart/encrypted formats coming out of this
group.
I was planning to wait another week or so until my new life settled
out--I've moved 300 miles west and I'm no longer employed at McGill, just
coasting on good will for my e-mail, etc.--before making public noise to
get it going but since you've asked.
I talked with Phil and met with Colin over the holiday and I've exchanged
private e-mail with a few people that Nathaniel redirected to me. I've
also been working through the current PEM/MIME drafts (and the pem-dev
archives) along with the a recent RFC draft that discusses PGP in some
detail, draft-pgp-pgpformat-00.txt.
As a rough opener, I'm not 100% convinced that the space set up in the PEM
framework for other security protocols is a comfortable fit for the
existing PGP formats and practice. There's argument for some reflection on
the 'sigenc' draft based on feedback from this project assuming a
desire in the WG to meet the challenge of a real test--after it's got ice
crystals forming up on the standards track will be too late. To close on a
positive note, the folks working hard on PGP V3.0 have indicated it is
still taking shape and might be open to input about how formats could be
adapted integrating MIME.
Anyone not up to speed but interested in PGP probably should start with:
ftp://ds.internic.net/internet-drafts/draft-pgp-pgpformat-00.txt
It is also worth locating a copy of the original application/pgp draft
since it does serve as a starting point for discussion. It was removed
from the IETF internet-drafts area on the Internic server in Dec. but I
can mail anyone who asks a copy of the postscript version.
... Ian Duncan <id(_at_)cc(_dot_)mcgill(_dot_)ca>