On 2005-07-20 10:34:24 -0700, Douglas Otis wrote:
On Jul 20, 2005, at 8:37 AM, Michael Thomas wrote:
Thomas Roessler wrote:
Or one could insert an empty line in front of a content-type header,
turning an HTML body part into a text/plain one. (Do that on a
large scale with a legitimate, DKIM-signed HTML message from some
large financial institution, and see how their helpdesk reacts to
it.)
Huh? This would break the signature. In any case, banks are
poster children for users who should use simple.
While I agree this technique would break the signature,
It wouldn't...
--foobar
Content-Type: text/html
<html>...
Turns into:
--foobar
Content-Type: text/html
<html>...
(I.e., we now have a Content-Type line in the body, and an empty
MIME header. That is, the MIME body part's type is, by default,
text/plain.)
Regards,
--
Thomas Roessler, W3C <tlr(_at_)w3(_dot_)org>