Earlier, I mentioned that two and a half protocols survived the day. The remaining one is MSP. It's actually not a bad protocol. It has two features that none of the others have: the ability to label classified messages, and a cryptographically strong signed receipt. Both of these functions are highly important for government users. It looks like government suppliers are going to go ahead and implement it, and the government is going to use it.
Although these benefits are present in the current MSP, I don't see anything inherent in MSP that makes it necessarily superior in these areas. If you were doing normal MIME-type receipts (whatever that means, since I think there are three different drafts under way currently), and you simply added the ability to cryptographically sign a timestamp in the "proper" MIME receipt type, then MSP would lose this advantage.
FIF. I guess this could be said about any of the protocols. With enough changes they all have the same feature set. :-) MSP just has it now and it works.
I think labeling could potentially be done by follow-on versions of other packages as well, since I think we all agree that generic labeling which can be used both for standard gov't-style classification levels and compartments, as well as for business-style sensitivity labeling. In fact, I'd almost be inclined to say that it would likely be as easy (or easier) to create a new general-purpose labeling system for use with any of the competitors than it would be to modify MSP to support business-style labels in addition to the gov't-style labels I'm sure it has today (maybe it already has labels, but I don't think that this is that tough of a problem to solve in any event).
Well, read MSP first before assuming. And of course, see above comment. -Peter