ietf-mailsig
[Top] [All Lists]

Mandating MIME

2004-10-07 14:36:04

[From the "semantics of the signature" thread]

At 04:16 PM 10/7/2004 -0400, Andrew Newton wrote:

On Oct 7, 2004, at 2:36 PM, Jim Fenton wrote:
We should probably break that question down into (1) whether a MIME 
encapsulation must be required for all signed messages and (2) choice of 
keying model (certificates, web of trust, etc.).  IMO there are enough 
problems with issue (1) that we don't need to go further.

For those of us that do not know better, what are the problems with MIME 
encapsulation?

Mark covers a lot of that territory in 
http://www.imc.org/ietf-mailsig/mail-archive/msg00225.html to which I will add:

The question is not whether MIME is permitted; it is whether MIME MUST be 
wrapped around the body of every signed message.  The question for me is not so 
much what percentage of MUAs aren't MIME-aware, but whether this mandate would 
disenfranchise even that (arguably small) percentage.

Here's something that happened to me the other day.  A friend asked me to send 
her some pictures of her kids in a PGP-encrypted message.  I sent the pictures 
as attachments, and she got the message but not the attachments.  I sent them 
to myself and after decrypting it was faced with the ASCII form of the enclosed 
MIME, and was presented with the pictures in base-64.  I'm clearly not using 
the latest and greatest version of my MUA, but I suspect I'm fairly typical.  
If we're going to wrap the body of a message in MIME, creating a multilevel 
MIME message, we are likely to make MIME work a lot more poorly for many people 
than it does today.

Finally, I expect that the signature semantics issue that we have been 
discussing would mean that we wouldn't end up with real S/MIME or real 
PGP-MIME, but a different MIME type entirely that expresses the fact that the 
signature means something else.  I would be interested in knowing how that 
would impact the deployment of a MASS solution, in particular whether it would 
require users to upgrade their MUAs.

-Jim



<Prev in Thread] Current Thread [Next in Thread>