They were based upon two assumptions:
In 1995, the status is that the Internet Policy Registration Authority has signed certificates for somewhere between 5 and 20 "policy certification authorities"; the only one of these that has made its policy public as envisioned by RFC 1422 is UNINETT's pilot certification service.
A new standard was published in March 1995, called MOSS (MIME Object Security Services), which offers the same functionality as PEM, but does not force a single trust model, and allows the identification of users by names that don't have any realtionship to X.500, such as E-mail addresses.
Several interworking implementations exist; it remains to be seen whether this standard gains market acceptance.
The cryptoalgorithms used in PEM and MOSS are MD2 or MD5 for the checksum, DES-CBC for the text encryption, and RSA for the public key encryption.