ietf-mailsig
[Top] [All Lists]

Re: Observations on how some mail lists deal with signed (S/MIME and PGP) messages

2005-02-01 11:21:24

William,

I think you're arguing in favor of your earlier ideas on MIME encapsulation, but as I read it all of the things you're describing are dealt with if the mailing list (or whatever munges the message) re-signs it after modification. Is there any situation you see where re-signing isn't feasible?

-Jim


william(at)elan.net wrote:

I've been looking at what do different mail redirection systems (mail lists
in particular) do with emails and discovered that some (especially newer) mail lists treat S/MIME and PGP/MIME signed email different then other email they process (not surprising and this is obviously a good thing).

In particular what I found interesting cases when mail list saw
multipart/signed as primary Content-Type in the email header, it made
that into separate multipart/signed mime part and made the email itself
multipart/mixed consisting of this multipart/signed part as first one
and then text/plain with mail list signature.

So in this case email list not only added text at the end but in the middle and changed content-type and I imagine this would be a problem
for IIM. This case is also why I said when I first saw DK draft about
year ago, that for mime messages, signature should be linked to mime part(s) rather then be for entire message.



<Prev in Thread] Current Thread [Next in Thread>