W3C home > Mailing lists > Public > ietf-discuss@w3.org > November 2002

Re: Mandatory MIME security

From: Keith Moore <moore@cs.utk.edu>
Date: Thu, 07 Nov 2002 18:30:37 -0500
Message-Id: <200211072330.gA7NUbl15317@astro.cs.utk.edu>
To: Paul Hoffman / IMC <phoffman@imc.org>
cc: discuss@apps.ietf.org

> >It seems quite reasonable to me that different MIME-based apps would
> >make different choices here, depending on the assumptions about
> >relationships between the communicating parties and which trust
> >model works best with each.
> 
> This is a common misconception. OpenPGP authentication can be made to
> work in a hierarchical fashion, and PKIX authentication can be made
> to work in a web of trust. There is nothing inherent in either
> authentication mechanism that forces it in one way or another.

I'm aware of that.  At the same time, the tools tend to favor one
mode or the other, and there is an investment in keying and 
infrastructure that favors one or the other.
Received on Thursday, 7 November 2002 18:31:45 UTC

This archive was generated by hypermail 2.3.1 : Monday, 16 July 2018 13:05:40 UTC