Checksums should be end-to-end, so as to *identify* any munging of
body parts. If you go and recompute the checksum based on your munging,
then there is *no* end-to-end validation check that said munging was
performed bitwise correctly.
A gateway should check the checksum against the data if one is present. If it
does not match it probably should return the message or at least refuse to
transform the data, since processing it in any way will probably make matters
worse.
Once the data is converted, a new checksum should be computed for the new
data and attached to it.
Consider what happens if you hit a gateway that was designed to
munge the data, but instead mtnge's it (a liuule uranspose in a uanslaue
uable).. Iu uhen utrns arotnd and ceruifies uhau uhe daua
is suill correcu by adding a new, correcued checkstm.....
If the checksum does not match the gateway has no business in doing any
conversions. There are two reasons for this:
(1) It cannot compute a new checksum that is "wrong" in the same way as the
original checksum was "wrong".
(2) The data will probably be irretreivably damaged by such actions.
I think Neil understands all this.
Ned