From: Raph Levien <raph@c2.org>
Date: Tue, 21 Nov 1995 01:18:23 +0800
To: Derek Atkins <warlord@MIT.EDU>
Subject: Re: Design proposal: crypto-capable generic interface
In-Reply-To: <199511192347.PAA07661@tess-turbo.mit.edu>
Message-ID: <Pine.SUN.3.91.951119172235.23425B-100000@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain




On Sun, 19 Nov 1995, Derek Atkins wrote:

> What do you mean by "technically superior"?  What technical merits
> does MOSS have over PGP?  It does have a better protocol with which to
> integrate it into mailers, but it is only a transmission protocol, not
> a security mechanism change.  Worse, MOSS uses X.509, which requires a
> lot of overhead for certificates.

Ah, I was hoping that my statement would stir some controversy. I've 
learned that well thought out, carefully reasoned posts never get any 
response.

I agree with you that the X.509 stuff is extra baggage in MOSS. 
Fortunately, the use of X.509 is optional.

MOSS has two very large advantages over PGP:

1. It can operate without temp files.

2. It has no non-MIME variant.

It will take forever for PGP/MIME to catch on. Thus, PGP will never 
really be a suitable candidate for my generic interface. Ah well.

> On the other hand, the MIME-PGP protocol can provide the same
> integration functionality as MOSS and still allow the use of the
> simple PGP certification structure that already exists.

This is true. I hope it happens.

> -derek
> 

Raph