MUSE (Mail Ubiquitous Security Extensions) discussion starting

[Ned Freed]

> One initial technical question I have about MUSE is why to bother
> encapsulating email messages while in transit in more layers of MIME
> glop?  Why not just run IP Security between the sendmail daemons
> involved, and have the receiving sendmail daemon note in the Received
> header that the message arrived over an authenticated connection?

Because this gives you a point-to-point solution. MUSE is still end-to-end; the
only difference is that the ends have moved slightly away from the user in the
interests of deployment expediency.

> IPSEC provides your choice of authentication and/or encryption, and
> already uses the keys from the Domain Name System.  IPSEC solves many
> other problems as well as the particular secure/private email delivery
> problem.  And deploying a Real Application (sendmail) that uses IPSEC
> would shake it out and get it widely used.

IPSEC does indeed solve many problems. Unfortunatly secure email end-to-end
email isn't one of them.

				Ned