[ must interoperate with old MTAs ]
Your paragraph above is an excellent starting point for the Charter, in
Separately, I do want to comment briefly on the issue of
interoperability. Multipart/signed was designed expressly to be
backwards compatible with non-MIME-aware email components. Consider
that the content that was signed appears first and the security
information second, so as not to distract "backwards" components.
It works OK for people who can look at the MIME separator and realize that
they can ignore it.
Not all MUAs present mail to people. An oft-cited example is mailing list
managers that read lines of commands from the body of the message. I
would guess that these days most list managers can tolerate MIME since
there are so many lame MUAs that make it nearly impossible to send
non-MIME mail, but there are lots of other kinds of applications hanging
off mail systems.
I honestly don't know how many of them expect an unwrapped plain text body
and fail if they trip over a MIME separator. Or how many expect a
particular set of MIME sections and fail if there's more MIME than that.
Clearly, the ones with those problems can be patched or put behind an
unwrapping front end, but I don't have a good idea of how many there are.
So if there's a reasonble approach that dodges that MIME format issue
altogether, I'd rather use it.
John Levine, johnl(_at_)iecc(_dot_)com, Primary Perpetrator of "The Internet
Information Superhighwayman wanna-be, http://iecc.com/johnl, Mayor
"I dropped the toothpaste", said Tom, crestfallenly.