Problems with MSP
Raph Levien (raph@c2.org)
Wed, 14 Feb 1996 17:40:51 -0800 (PST)
At the urging of one of the list members, I took a look at the MSP
documents available from the IMC Web server.

I did not like what I saw. Implementing MSP requires the
implementation of a lot of X.400 and ASN.1 garbage. The whole thing would
be very, very complex. I can see a single person implementing MOSS, PGP,
or S/MIME, but probably not MSP.

Complexity aside, I saw problems with features and compatibility as
well. From what I understand, all messages (including signed messages)
are encoded in a BER-encoded ASN.1 structure. Such a structure is
effectively binary and cannot be transported over RFC 822 without
additional encoding (presumably MIME base64). Thus, MSP signed messages
would be unreadable to recipients not in possession of an MSP agent.

In my personal opinion, this is the single most important feature of
any signed message format. PGP, PGP/MIME, MOSS, and S/MIME all go to
great lengths to ensure that the original message is clearly recoverable
from the signed message format.

The documents assert that MSP can be used over RFC 822 channels, but
this claim is not supported. Presumably, Internet multimedia types would
need to be MIME encoded, converted to X.400, encrypted by MSP, then
embedded in another MIME object. This process sounds complex,
inefficient, and error prone. I contend that the burden of proof falls on
MSP's proponents to demonstrate why such complexity is justified.

I agree that MSP's signed receipt type is valuable, but see no reason
why it can't be implemented as, say, a MIME receipt type which is then
signed with the standard MIME-based signature protocol. In other words, I
see nothing inherent in MSP that enables this feature.

I believe that the combination of these factors renders MSP unsuitable
for the goal of a widely deployed, transparent crypto protocol for
Internet email. We should spend time on MSP at the conference only if this
is not our goal, or if I can be shown wrong. The issue of unreadability of
signed message formats alone would seem to doom the protocol.
Raph
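As an added illustration (not part of the message above), this Python sketch contrasts the two layouts the post compares: an RFC 1847 multipart/signed message, whose cleartext part any MIME reader displays, against a binary ASN.1/DER wrapper that has to be base64-encoded for RFC 822 transport and leaves a recipient without a crypto agent nothing readable. The toy DER structure, the signature bytes and the application/octet-stream labelling are constructed assumptions, not MSP's actual format.

```python
"""Added illustration: readable multipart/signed vs. an opaque binary wrapper.
The DER layout and signature bytes below are constructed stand-ins; they are
not MSP's actual ASN.1 structures."""
from email import message_from_bytes
from email.mime.application import MIMEApplication
from email.mime.multipart import MIMEMultipart
from email.mime.text import MIMEText

BODY = "The meeting moves to Thursday.\n"   # constructed sample message
SIG = b"<detached signature bytes>"         # constructed placeholder, not a real signature

def der(tag, content):
    """Minimal DER TLV for short (<128 byte) contents; constructed helper."""
    assert len(content) < 128
    return bytes([tag, len(content)]) + content

def build_multipart_signed(text, sig):
    """RFC 1847 layout: cleartext as the first part, detached signature second."""
    outer = MIMEMultipart("signed", protocol="application/pgp-signature",
                          micalg="pgp-md5")
    outer.attach(MIMEText(text, "plain"))
    outer.attach(MIMEApplication(sig, "pgp-signature"))
    return outer

def build_opaque_signed(text, sig):
    """Binary wrapper: SEQUENCE { OCTET STRING text, OCTET STRING sig } (toy
    layout), which RFC 822 transport forces into base64."""
    blob = der(0x30, der(0x04, text.encode()) + der(0x04, sig))
    return MIMEApplication(blob, "octet-stream")   # base64-encoded by default

def is_7bit_clean(data):
    """True if every octet is printable ASCII, TAB, CR or LF and no line exceeds
    the 998-octet limit, i.e. the data can travel over RFC 822 unencoded."""
    ok = all(b in (9, 10, 13) or 32 <= b < 127 for b in data)
    return ok and all(len(line) <= 998 for line in data.split(b"\n"))

def visible_text(raw):
    """What a MIME reader with no signature agent shows: the first text/plain
    part, decoded, or None if nothing human-readable is present."""
    msg = message_from_bytes(raw)
    for part in msg.walk():
        if part.get_content_type() == "text/plain":
            charset = part.get_content_charset() or "us-ascii"
            return part.get_payload(decode=True).decode(charset)
    return None
```

Running `visible_text` over both builds shows the multipart/signed body intact and None for the opaque wrapper, while `is_7bit_clean` confirms the DER blob could not pass through RFC 822 without base64.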