ietf-mailsig
[Top] [All Lists]

Observations on how some mail lists deal with signed (S/MIME and PGP) messages

2005-01-31 15:05:38


I've been looking at what do different mail redirection systems (mail lists
in particular) do with emails and discovered that some (especially newer) 
mail lists treat S/MIME and PGP/MIME signed email different then other 
email they process (not surprising and this is obviously a good thing).

In particular what I found interesting cases when mail list saw
multipart/signed as primary Content-Type in the email header, it made
that into separate multipart/signed mime part and made the email itself
multipart/mixed consisting of this multipart/signed part as first one
and then text/plain with mail list signature.

So in this case email list not only added text at the end but in the 
middle and changed content-type and I imagine this would be a problem
for IIM. This case is also why I said when I first saw DK draft about
year ago, that for mime messages, signature should be linked to mime 
part(s) rather then be for entire message.

To show it on example of what I'm talking about above, this is what 
relevant parts of my email looked like before it was posted to mail list:

-----------------------------------------------------------------------
MIME-Version: 1.0
Content-Type: MULTIPART/signed; 
BOUNDARY="-1747394880-148699519-1107041545=:19042"; 
 protocol="application/x-pkcs7-signature"; micalg=sha1
...[rest of the headers of email message were here]

---1747394880-148699519-1107041545=:19042
Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed
...[actual email message text as sent to mail list was here]
---1747394880-226898404-1107027634=:13052
Content-Type: APPLICATION/x-pkcs7-signature; name="smime.p7s"
Content-Transfer-Encoding: BASE64
Content-Description: S/MIME Cryptographic Signature
Content-Disposition: attachment; filename="smime.p7s"
... [s/mime signature was here]
---1747394880-148699519-1107041545=:19042--
-----------------------------------------------------------------------

And this is what it looked like after mail list post:

-----------------------------------------------------------------------
Mime-version: 1.0
Content-Type: multipart/mixed; boundary="===============1890379832==
...[rest of the headers of email message were here]

  This message is in MIME format.  The first part should be readable text,
  while the remaining parts are likely unreadable without MIME-aware tools.
--===============1890379832==
Content-Type: MULTIPART/signed;
        BOUNDARY="-1747394880-817575484-1107044129=:22427";
        protocol="application/x-pkcs7-signature"; micalg=sha1

  This message is in MIME format.  The first part should be readable text,
  while the remaining parts are likely unreadable without MIME-aware tools.
---1747394880-817575484-1107044129=:22427
Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed
...[actual email message text as sent to mail list was here]
---1747394880-817575484-1107044129=:22427
Content-Type: APPLICATION/x-pkcs7-signature; name="smime.p7s"
Content-Transfer-Encoding: BASE64
Content-Description: S/MIME Cryptographic Signature
Content-Disposition: attachment; filename="smime.p7s"
... [s/mime signature was here]
---1747394880-817575484-1107044129=:22427--
--===============1890379832==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
... [mail list footer was here]
--===============1890379832==--
-----------------------------------------------------------------------

-- 
William Leibzon
Elan Networks
william(_at_)elan(_dot_)net


<Prev in Thread] Current Thread [Next in Thread>
  • Observations on how some mail lists deal with signed (S/MIME and PGP) messages, william(at)elan.net <=