Re: Observations on how some mail lists deal with signed (S/MIME and PGP



On Tue, 1 Feb 2005, william(at)elan.net wrote:

On Tue, 1 Feb 2005, Jim Fenton wrote:


William,

I think you're arguing in favor of your earlier ideas on MIME encapsulation,


They are all still there in a way, I made sure META can do all the same 
signing as could be done with META Signatures. Being able to specifically

This was supposed to be "as could be done with MTA Signatures".

I'm actually still working on how to properly indicate mime part in EDigest
and I'm going to be using RFC2111 cid and mid URLs (which are way to 
reference Message-ID and Content-ID headers) so it would actually be 
properly standard based and not require some new structure and use of old 
and possibly conflicting attachment/mime part names as I originally had in 
MTA Signatures.

One of the problems with cid/mid is they seem to imply clear separation 
in that Message-ID should specify entire mail message while Content-id
is for specific mime part and used in MIME headers. I don't quite agree 
with this because message body is in fact content in itself and as I 
demonstrated in the example with re-encapsulation by mail list, this 
content could become mime message part but not otherwise have been 
changed, so I would like to be able to refer to it by cid as well,
but I can not be certain that CID would be moved to mime-part if data
is encasulated (but it would probably happen if content-id was 
part of content-type header). Besides that I have real problem with
following conflicting statements from RFC2111:
  "In limited circumstances (e.g., within multipart/alternate), a single
   message may contain several body parts that have the same Content-ID."
While later it says:
  "Both message-id and content-id are required to be globally unique.
   That is, no two different messages will ever have the same Message-ID
   addr-spec; no different body parts will ever have the same Content-ID
   addr-spec."
I'm of course going to assume the latter is true...

---
William Leibzon, Elan Networks:
 mailto: william(_at_)elan(_dot_)net
Anti-Spam and Email Security Research Worksite:
 http://www.elan.net/~william/emailsecurity/

<Prev in Thread]	Current Thread	[Next in Thread>
Re: Observations on how some mail lists deal with signed (S/MIME and PGP) messages, Jim Fenton Re: Observations on how some mail lists deal with signed (S/MIME and PGP) messages, william(at)elan.net Re: Observations on how some mail lists deal with signed (S/MIME and PGP) messages, william(at)elan.net <=

Previous by Date:	Re: Observations on how some mail lists deal with signed (S/MIME and PGP) messages, william(at)elan.net
Next by Date:	Re: Using DK/IIM [was: Re: So here it is one year later...], Jim Fenton
Previous by Thread:	Re: Observations on how some mail lists deal with signed (S/MIME and PGP) messages, william(at)elan.net
Next by Thread:	MASS Security Review document, Jim Fenton
Indexes:	[Date] [Thread] [Top] [All Lists]

Re: Observations on how some mail lists deal with signed (S/MIME and PGP) messages