W3C home > Mailing lists > Public > ietf-discuss@w3.org > November 2002

Re: MIME Multipart security?

From: Graham Klyne <GK@Ninebynine.org>
Date: Sat, 09 Nov 2002 10:32:36 +0000
Message-Id: <>
To: Chris Newman <Chris.Newman@Sun.COM>
Cc: discuss@apps.ietf.org

At 11:03 AM 11/8/02 -0800, Chris Newman wrote:
>While it would be entertaining to try a 4th attempt at application-level 
>object security (preferably this time with more input from application 
>experts and less from security purists), I think the odds of succeeding 
>have decreased significantly since the last 3 attempts.  If you really 
>wanted to pursue this direction, here's what I think it would take to succeed:
>1) Really good open-source implementations with free-for-commercial use 
>license, at least one in C and one in Java.
>2) Transition strategy from existing PKI systems that works and is 
>included in 1.
>3) A really good spec, that includes good discussion about user interface 
>requirements and how to deploy the system into an untrained average user 
>community (likely involving automatic fetching of generated private keys 
>over the Internet using TLS and a username/password pair).
>4) A major vendor or consortium backing the effort with enough clout to 
>get the attention of the trade rags.

I'm trying to remember what your 3 object security mechanisms so far are 
(S/MIME, PGP, and ... PEM?, MOSS? ...)

Anyway, at risk of duplication, there is another object security framework 
on the blocks.  I am thinking of the combination of XMLDSIG [1], XMLENC [2] 
and XKMS [3].


[1] Eastlake, D., Reagle , J. and D. Solo, "XML-Signature Syntax and 
Processing", W3C Recommendation xmldsig-core, October 
2000.  http://www.w3.org/TR/xmldsig-core/

[2] Eastlake, D. and J. Reagle , "XML Encryption Syntax and Processing", 
W3C Candidate Recommendation xmlenc-core, August 
2002.  http://www.w3.org/TR/xmlenc-core/

[3] Ford, W., Hallam-Baker, P., Fox, B., Dillaway, B., LaMacchia, B., 
Epstein, J. and J. Lapp, "XML Key Management Specification (XKMS)", W3C 
Note xkms, March 2001.  http://www.w3.org/TR/xkms/

Graham Klyne
Received on Saturday, 9 November 2002 06:36:04 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 17:08:17 UTC