ietf-822

Re: checksums

1991-10-31 19:44:29
I think it would be good to make the checksum calculation optional with
respect to all the transfer-encodings (and all those defined in the future).
It would probably make sense to make it a parameter of the encodings header
(note it would really be two parameters: the algorithm and the value), but
it could just as easily be in its own header.

It occurs to me that this is consistent with what PEM has done with respect
to whether or not signed-only messages should be printably encoded or not.

The original PEM specifications did not include "MIC-CLEAR" messages, i.e.,
messages that were both signed and readable by simply displaying on the
terminal.  All messages were encoded into a printable form prior to sending
to the recipient.  The printable form was derived from the canonical form,
from which the Message Integrity Check (MIC) was calculated.

The community asked for MIC-CLEAR messages, since it was backward compatible
functionality.  The upside was a non-PEM user could get a signed message and
even though the signature could not be validated, the message could still be
read.  The downside is that a recipient may receive a message for which the
MIC cannot be validated, since the message may have been munged by some
"gateway" along the way.  In this environment a given originator/recipient
pair would simply need to printably encode all their messages, after
"signing" them, in order to guarantee the correctness of the MIC.

The correct calculation of a MIC can only be guaranteed if the same
representation of the data can be guaranteed for each peer.  This is a
fundamental principle.  Even in OSI, specifically X.509 where the
authentication framework is defined, the importance of this principle was
not lost.  The signature on a certificate is computed on the distinguished
encoding of the certificate, which is guaranteed to be a unique and
unambiguous representation of the data.  (For those in the know, the DER in
X.509 were actually imprecise, but a new document will shortly be released
that corrects the ambiguities.)

This of course leaves the user responsible for selecting an appropriate
transfer encoding to get a message to a recipient, which in the case of PEM
there was only one choice so the option was only to turn it on.  I have
received private mail that may convince me this is not the right thing to do
in this document.  I am still thinking about this.

Jim
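
The trade-off described in the message above, as an added example that is not part of the original post: a MIC computed over the canonical form survives a gateway when the body travels printably encoded, but not when it travels in the clear. SHA-256 stands in for the MIC algorithm, and the canonical form, the gateway behaviour (trailing-whitespace stripping, tab expansion) and the sample message are all constructed assumptions.

```python
import base64
import hashlib

# Constructed sample message: note the trailing space and the leading tab.
SAMPLE = "Pay Bob $100. \n\tRegards,\nJim\n"

def canonicalize(text: str) -> bytes:
    """Canonical form assumed here: ASCII text, every line ending in CRLF."""
    return ("\r\n".join(text.splitlines()) + "\r\n").encode("ascii")

def mic(canonical: bytes) -> str:
    # SHA-256 is a stand-in for the MIC algorithm (assumption, unsigned).
    return hashlib.sha256(canonical).hexdigest()

def gateway(body: str) -> str:
    """Hypothetical gateway: rewrites line endings, strips trailing
    whitespace and expands tabs."""
    return "\n".join(l.rstrip().expandtabs(8) for l in body.split("\n"))

def send_clear(text: str):
    """MIC-CLEAR style: the canonical text itself travels, readable."""
    canon = canonicalize(text)
    return canon.decode("ascii"), mic(canon)

def send_encoded(text: str):
    """Printably encoded: base64 of the canonical form, in 64-char lines."""
    canon = canonicalize(text)
    b64 = base64.b64encode(canon).decode("ascii")
    return "\n".join(b64[i:i + 64] for i in range(0, len(b64), 64)), mic(canon)

def verify_clear(body: str, expected: str) -> bool:
    # Re-canonicalizing repairs line endings, but nothing else.
    return mic(canonicalize(body)) == expected

def verify_encoded(body: str, expected: str) -> bool:
    # b64decode skips the line breaks, recovering the exact canonical bytes.
    return mic(base64.b64decode(body)) == expected

def demo() -> dict:
    clear_body, clear_mic = send_clear(SAMPLE)
    enc_body, enc_mic = send_encoded(SAMPLE)
    return {
        "clear, untouched": verify_clear(clear_body, clear_mic),
        "clear, line endings only": verify_clear(clear_body.replace("\r\n", "\n"), clear_mic),
        "clear, via gateway": verify_clear(gateway(clear_body), clear_mic),
        "encoded, via gateway": verify_encoded(gateway(enc_body), enc_mic),
    }

if __name__ == "__main__":
    for case, ok in demo().items():
        print(f"{case}: MIC {'valid' if ok else 'INVALID'}")
```

Only the clear body that passed through the gateway fails verification; canonicalization on receipt absorbs a pure line-ending change, but it cannot restore whitespace the gateway altered.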
