On Wed, 2003-08-20 at 12:42, Deven T. Corzine wrote:
I think the only really significant semantic suggestion I'm making
is that a hash of the body of a message should be included to
prevent forgeries of level-two systems.
That has been mentioned before and is a pretty good idea. It also
alleviates some privacy concerns since the originating MTA/MUA does not
have to store copies of messages, but can store MD5 hashes instead.
Using a hash is an obvious thing to do, but it begs the question of exactly
what you're hashing. You can't safely hash the entire message because the
headers change on every hop, at least for Received: lines. Other headers
might be mangled or normalized as well. You can ignore the header, but it
would be good to validate parts of it. Even if you just hash the body, you
have to be concerned about the message being mangled by intermediate MTAs.
I imagine one would hash all the MIME parts together. Or do whatever
GPG does with a MIME message. This but has been solved, there is only
to select an approach and approve it.
--
David Nicol / If at first you don't succeed, use a bigger hammer.
http://gallaghersmash.com
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg