On 2000-05-11 09:44:28 +0100, Ian Bell wrote:
Should the issue of binary versus text-mode signatures
be addressed?
It should, and I believe the following would be the most
robust solution:
(1) require clients to create text mode signatures
(2) require clients to use either quoted-printable or
base64 for any body parts which contain trailing
whitespace.
Note that this seems to be what most clients do anyway at
present.
Rationale: MIME has been carefully designed in a way which
makes sure that all essential information makes it through
gateways which tamper with trailing whitespace. Thus, we
should make sure that PGP/MIME signed messages don't lose
any information on such paths, either.
Not losing any information in the signed body is
guaranteed by the use of qp/base64, whenever trailing
whitespace is present.
Not unnecesarily invalidating signatures is guaranteed by
the use of text-mode signatures, since these signatures
will ignore any trailing whitespace. Note that this
trailing whitespace must be ignored by standard-conforming
decoders for qp/base64, too, and doesn't carry any meaning
in RFC822 (think about message/rfc822 attachments) or MIME
headers, so signature verification will fail if and only
if actual content has been modified.
Binary-mode signatures would also be invalidated if
trailing whitespace is tampered with, even though it
doesn't carry any meaning to the MIME encoding used.
Comments?
--
Thomas Roessler <roessler(_at_)does-not-exist(_dot_)org>