In RFC1847 the following example is given on page 6:
Content-Type: multipart/signed; protocol="TYPE/STYPE";
micalg="MICALG"; boundary="Signed Boundary"
--Signed Boundary
Content-Type: text/plain; charset="us-ascii"
This is some text to be signed although it could be
any type of data, labeled accordingly, of course.
-- Signed Boundary
Content-Type: TYPE/STYPE
CONTROL INFORMATION for protocol "TYPE/STYPE" would be here
--Signed Boundary--
My question is: is the text present in the "text/plain" bodypart
sent in the clear (i.e., not encrypted to the 2nd signature bodypart) ?
If the above example is the entire message (assuming the standard
From and date (etc) headers are added), then surely the text in the first
body
part should be encrypted to the signature information in the rest of the
message.
If it was not encrypted to the rest of the message, then a simple attack
could
void the "authentication" provided by the signature.
A rewrite attack would be to simply rewrite the ENTIRE message removing all
of
the signature information and headers such as "multipart/signed".
The resulting message would not be a multipart but would contain a single
bodypart
of Text/plain.
Could someone please clarify the above case for me.
Thanks in advance.
