I've been looking at what do different mail redirection systems (mail lists
in particular) do with emails and discovered that some (especially newer)
mail lists treat S/MIME and PGP/MIME signed email different then other
email they process (not surprising and this is obviously a good thing).
In particular what I found interesting cases when mail list saw
multipart/signed as primary Content-Type in the email header, it made
that into separate multipart/signed mime part and made the email itself
multipart/mixed consisting of this multipart/signed part as first one
and then text/plain with mail list signature.
So in this case email list not only added text at the end but in the
middle and changed content-type and I imagine this would be a problem
for IIM. This case is also why I said when I first saw DK draft about
year ago, that for mime messages, signature should be linked to mime
part(s) rather then be for entire message.
To show it on example of what I'm talking about above, this is what
relevant parts of my email looked like before it was posted to mail list:
-----------------------------------------------------------------------
MIME-Version: 1.0
Content-Type: MULTIPART/signed;
BOUNDARY="-1747394880-148699519-1107041545=:19042";
protocol="application/x-pkcs7-signature"; micalg=sha1
...[rest of the headers of email message were here]
---1747394880-148699519-1107041545=:19042
Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed
...[actual email message text as sent to mail list was here]
---1747394880-226898404-1107027634=:13052
Content-Type: APPLICATION/x-pkcs7-signature; name="smime.p7s"
Content-Transfer-Encoding: BASE64
Content-Description: S/MIME Cryptographic Signature
Content-Disposition: attachment; filename="smime.p7s"
... [s/mime signature was here]
---1747394880-148699519-1107041545=:19042--
-----------------------------------------------------------------------
And this is what it looked like after mail list post:
-----------------------------------------------------------------------
Mime-version: 1.0
Content-Type: multipart/mixed; boundary="===============1890379832==
...[rest of the headers of email message were here]
This message is in MIME format. The first part should be readable text,
while the remaining parts are likely unreadable without MIME-aware tools.
--===============1890379832==
Content-Type: MULTIPART/signed;
BOUNDARY="-1747394880-817575484-1107044129=:22427";
protocol="application/x-pkcs7-signature"; micalg=sha1
This message is in MIME format. The first part should be readable text,
while the remaining parts are likely unreadable without MIME-aware tools.
---1747394880-817575484-1107044129=:22427
Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed
...[actual email message text as sent to mail list was here]
---1747394880-817575484-1107044129=:22427
Content-Type: APPLICATION/x-pkcs7-signature; name="smime.p7s"
Content-Transfer-Encoding: BASE64
Content-Description: S/MIME Cryptographic Signature
Content-Disposition: attachment; filename="smime.p7s"
... [s/mime signature was here]
---1747394880-817575484-1107044129=:22427--
--===============1890379832==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
... [mail list footer was here]
--===============1890379832==--
-----------------------------------------------------------------------
--
William Leibzon
Elan Networks
william(_at_)elan(_dot_)net