Date: Mon, 28 Oct 91 15:52:10 -0500
From: Greg Vaudreuil <gvaudre(_at_)nri(_dot_)reston(_dot_)va(_dot_)us>
I oppose the use of a new header for checksums. It brings up all the
generic questions about when to have it, and how it should be used.
My preference it to add a checksum to base64 and be done. This way it
is always done if base64 is selected. Base 64 was written to be
reliable across flaky networks, and adding data integrity seems a
reasonable extensions. However, adding this for plain text seems to
be extreme. If you want data to get there unaltered, send it base 64.
I think putting a checksum on base64 is really confusing the
abstraction levels of the spec. One of my goals is to leave
RFC-XXXX neutral with respect to 7 bit, 8 bit, or binary transports.
I'm not saying that we will ever support these transports, but
we should not do anything in RFC-XXXX to make things more difficult
in the future with respect to data bit size on the transport.
The primary purpose of the transport encoding field is to allow
non-7 bit clean data to fit in a seven bit transport. This is
completely orthogonal to the requirement to assure clean body
part transmission from end to end. In fact, some have argued
that this is even more important if you allow 8 bit or binary
transports.
Therefore I think we should have a completely separate header
for content-checksums. To make a specific proposal, for others
to flame:
content-checksum: <algorithm-id> <hex-number>
Where algorithm id is something like MD4, MD5, or CCITT-CRC-16,
and the actual checksum is encoded in hex. I only think we should
standardize on one checksum algorithm but I can see some experimentation
with different checksums over time, which is why I think we should
include an algorithm identifier.
If it has to get there unmodified, use base 64 with it's hopefully
soon to be built in checksum. If it is text, and it is free to be
poked and proded as needed by a friendly neigborhood gateway, (as most
of our mail is) then please don't put a checksum there! Spare me some
confusion.
I think better answer is for gateways to correct the
checksum if they munge the contents of the body part...