From: Thomas Roessler <roessler(_at_)guug(_dot_)de>
Subject: Re: Revising RFC 2015
Date: Wed, 9 Sep 1998 14:34:02 +0200
I'd suggest that PGP/MIME implementations MUST enumerate
correct hash algorithms onto the micalg parameter when
generating and PGP/MIME implementations MAY ignore the
micalg parameters when accepting.
There is nothing in the RFC which says an implementation
Which does this "the RFC" refer to, RFC 1847 or RFC 2015?
MUST evaluate the micalg parameter when accepting, so your
letter point is precisely what's in the RFC right now.
OK, fine. I wrote my farmer sentence to make my explanation symmetric.
(I didn't claim any RFCs on this topic.)
That hash algorithms MUST be listed correctly is evident
from the text and doesn't need to be mentioned separately.
What do you mean "separately"? I didn't say anything about editorical
issues on this topic.
If a user agent creates a message which doesn't conform to
the spec, the receiver will conform to the GIGO principle:
Garbage in, garbage out. All this is not so new...
OK, this is the point of our debate.
This interpretation is just yours. Since RFC2015 doesn't say accepting
manner explicitly, there are two possibilities.
(1) mis-match is legal
-> MAY ignore the micalg parameter
(2) mis-match is illegal
-> treat it as garbage? (in your terminology)
Again, PGP/MIME RFC should define both syntax and its semantics. RFC
2015 defines syntax but some semantics are missing.
--Kazu