1. I'm guessing you chose to call the header field content-md5 so that
the choice of algorithm was explicit and it would not be necessary
to parse the value of the header into two parts: algorithm
identifier and value.
It was done this way on purpose. Like content-transfer-encodings,
having a lot of content-mic algorithms would be a bad thing. So, for
simplicity, it's better, I think, to have a single field.
2. This document will ultimately require a security considerations
section in which it will be necessary to distinguish between the
service provided by this specification and the service provided by a
secure data integrity service. For example:
I'll add a security considerations section.
/mtr