At 04:33 PM 10/8/2004 -0400, James M Galvin wrote:
On Thu, 7 Oct 2004, Jim Fenton wrote:
The question is not whether MIME is permitted; it is whether MIME
MUST be wrapped around the body of every signed message. The
question for me is not so much what percentage of MUAs aren't
MIME-aware, but whether this mandate would disenfranchise even that
(arguably small) percentage.
I'm not sure this is the right question because I now do not believe
that MUAs are a critical part of the problem or solution space.
While I do agree we should consider what reports an actual originator or
recipient might receive based on the success or failure of the signature
mechanism to be developed, insofar as the signature is end-MTA to
end-MTA, the MUAs are largely irrelevant.
Irrelevant in the sense that we don't want to require an MUA upgrade to
participate, yes.
So, I think the question is what percentage of MTAs are MIME-aware,
since they are the primary applications that will have to deal with the
creation and validation of the signature.
Currently? I expect that's a very small percentage. And remember that there's
no way of knowing whether the recipient's MTA can validate signatures; you need
to assume that the recipient might get the message as is.
-Jim