Here's my response to Robert Jueneman. Thanks to Blake Ramsdell for
forwarding the original message.
----------------------------------------------------------------------
Please forgive me for breaking in - I don't subscribe to either
mailing list. Robert's original email was forwarded to several other
mailing lists.
Robert Jueneman wrote that he opposed the creation of IETF standards
on the propoesd PGP-based e-mail protocols.
I believe that, quite simply, Mr. Jueneman is wrong, both in his
arguments and in his conclusions. There is a pressing need to create a
standard to encourage the interoperation of e-mail clients supporting
encryption based on the PGP message formats. PGP is already widely
deployed, and there are a number of existing and forthcoming
implementations of PGP/MIME. These formats will continue to be used
whether or not the IETF approves them as a standard.
The core of Mr. Jueneman's argument is that introducing one more
standard for e-mail encryption will lead to more confusion in the
industry. This is an empirical statement, but there are excellent
arguments against it.
First, the IETF would not be introducing any new standards. The
standards already exist. They are implemented. PGP is more widely
deployed than any other standard, and PGP/MIME is well on its way. All
serious vendors of secure e-mail clients must make a choice whether or
not to support PGP. The IETF seal of approval would be a relatively
small contribution to such a decision.
Second, there is a lot of confusion in the market now, which the
adoption of the standard would help resolve. A number of clients support
a variant of Nathaniel Borenstein's draft of a PGP + MIME integration,
since withdrawn. Still others support nonstandard MIME embeddings, which
work as long as the same client is used, but do not truly interoperate.
Standardizing on a single PGP/MIME format would truly increase the
interoperability of implementations. The IETF has a positive role to
play here.
Mr. Jueneman wrote that he believes PGP's trust model to be badly
flawed. I certainly agree that it is not perfect. However, unlike any of
its competitors, it has been shown to work adequately in the context of
the Internet.
Another point is that the message formats do not specify a particular
trust model. In theory, it would be possible to use the PGP message
formats (including PGP/MIME), in conjunction with any desired trust
model for the public keys themselves. This argument is isomorphic to the
argument that protocols such as MOSS and S/MIME are algorithm
independent, and so their selection of inadequate algorithms as defaults
doesn't matter. I do not buy this argument, but merely wish to point out
that one can't have it both ways.
Mr. Jueneman also argues that the IETF adoption of the PGP/MIME
standard would slow or prevent the deployment of a "high quality" system
such as S/MIME and/or MOSS.
MOSS has already done an effective job of killing itself, sadly. The
development and deployment of S/MIME, on the other hand, seems to be
getting along just fine, without any IETF contribution. While I hope
that S/MIME will become a high quality system, the formats are still
under development, so it is too early to say.
Mr. Jueneman's characterization of MOSS and S/MIME as "high quality,"
and implication that PGP/MIME is not. This may be his personal opinion,
but it is not widely shared. The relative merits of the contending
e-mail encryption protocols are highly controversial. For example, both
S/MIME and MOSS specify inadequate symmetric encryption algorithms as a
default. In addition, both lack a "negotiation" mechanism to
automatically upgrade the choice of algorithm. Further, S/MIME's signed
+ encrypted message format reveals the identity of the signatory. My
argument is simply that the relative quality is still controversial.
From my experiences on the various mailing lists, and at the IMC's
resolving security meeting, it appears to me that there is a rough
consensus that it is not the IETF's task to pick a winner, but to guide
and encourage the real standardization of all of the viable contenders.
The task of picking a winner is best left to the market.
Raph