Its an interesting question. I argued 5 years ago that Fortezza
key escrow was a lot less intrusive that the current proposals
for which US software industry is caving to day by day. Hopefully
users can still decide for themselves, still.
A change to the underlying PKCS7 has been made (but not published) so
that it can supprot the use of key agreement ciphers, versus
key transport ciphers. Obviously, S/MIME then inherits
all the arguable benefits.
Finding clients willing to pay for development is the only hard bit,
as its merits are marginal, if they exist, over the PKCS7 systems
deployed for years.
Given, using Fortezza with skipjack encryption means
Clipper-based mandatory message key escrow with covert
access capability, I doubt it would get into PGP/MIME, somehow. But
Ive been wrong on PGP''s policy on key recovery before now!
As far as I know, PGP forces one to use the ciphers the designers
choose. If you want a low grade cipher, tough.
If one wnats the PCMCIA-features of the Fortezza card, spyrus sell
an RSA equivalent, with not much doubt as to its suitability for the risks of
personal token users when performing the RSA operations.
Peter.
----------
From: Dave Crocker
Sent: Thursday, October 03, 1996 8:07 AM
To: David M. Balenson
Cc: pem-dev(_at_)TIS(_dot_)COM
Subject: Re: [Internet-Drafts(_at_)ietf(_dot_)org:
I-DACTION:draft-balenson-secure-email-00.txt]
I don't know a delicate way to ask this question, so I'll just do the usual
bull in a china shop approach:
Is there an equivalent effort to specify the use of FORTEZZA for the
PGP/MIME and S/MIME environments?
d/
--------------------
Dave Crocker +1 408 246 8253
Brandenburg Consulting fax: +1 408 249 6205
675 Spruce Dr.
dcrocker(_at_)brandenburg(_dot_)com
Sunnyvale CA 94086 USA http://www.brandenburg.com
Internet Mail Consortium http://www.imc.org,
info(_at_)imc(_dot_)org