[linux-elitists] RFC 2015 (MIME and PGP) -- RFC status?

Aaron Sherman ajs@ajs.com
Mon Mar 12 16:03:57 PST 2001


On Mon, Mar 12, 2001 at 03:46:45PM -0800, Aaron Lehmann wrote:
> On Mon, Mar 12, 2001 at 02:55:27PM -0800, kmself@ix.netcom.com wrote:
> >     I understand  your frustration, but  please note  that RFC2015 is
> >     only a proposed standard.

> Hmm, I noticed that RFC2015 happens to be by the author of Mutt, which
> is the most notable program I know of that prefers PGP-MIME. This sheds
> some light for me on why Mutt deprecates plaintext PGP signatures.

I love mutt's PGP/GPG handling and hate it. One of the biggest complaints
that I have is one that neither PGP nor GPG can really solve, so I'm
working on a specification for a header-based protocol that I think
will solve the problem.

Please feel free to have a look at http://www.ajs.com/~ajs/pps/ and
let me know if you have any comments. PPS is short for Passive Privacy 
System, and combines PGP encryption with passive key-exchange.

The idea is that everyone everywhere does key exchange in a
light-weight fashion (attaching keys to every message is RUDE). Then,
if you want to do the right thing (e.g. verify fingerprints
out-of-band, etc) you can, without an evesdropper being able to tell
by analyzing the message traffic.

It looks like I should research RFC2015, but I think that it will fall 
nicely in line with what I'm already doing (since this protocol does
not specify much beyond key exchange).

I'm working as hard as I can on this, given that I'm also in the
middle of a job search. I have another friend who is going to Europe
for a while, and he may work on it while there.

-- 
Aaron Sherman		
ajs@ajs.com		finger ajskey@b5.ajs.com for GPG info. Fingerprint:
www.ajs.com/~ajs	6DC1 F67A B9FB 2FBA D04C  619E FC35 5713 2676 CEAF
 "Do you come from a land downunder, where beer does flow and the
  men chunder?" -Men at Work



More information about the linux-elitists mailing list