W3C home > Mailing lists > Public > ietf-discuss@w3.org > November 2002

Mandatory MIME security

From: Dave Crocker <dcrocker@brandenburg.com>
Date: Thu, 7 Nov 2002 08:39:56 -0800
Message-ID: <153292237264.20021107083956@tribalwise.com>
To: discuss@apps.ietf.org

Folks,

The IESG is now operating with the policy that application protocols must
mandate implementation of (at least one) strong security mechanism.  In the
case of store-and-forward, MIME-base applications this means choosing
between S/MIME and OpenPGP.  One of them must be mandated for
implementation. (More are, of course, allowed)

These standards have been around for a long time and yet the market has not
yet adopted one.  Hence mandating either of them goes against considerable
real-world market experience -- no matter how much any of us might wish for
a single market choice.

I am hoping there will be some public discussion of this policy and have
written:

  <http://www.ietf.org/internet-drafts/draft-crocker-mime-security-00.txt>

to prime the discussion pump.  This list seems like the best venue, since
MIME and the issue of general MIME-based security do not have any other list
venue.

d/
-- 
 Dave Crocker  <mailto:dcrocker@brandenburg.com>
 TribalWise <http://www.tribalwise.com>
 t +1.408.246.8253; f +1.408.850.1850
Received on Thursday, 7 November 2002 11:47:34 UTC

This archive was generated by hypermail 2.3.1 : Monday, 16 July 2018 13:05:40 UTC