On Mon, Apr 16, 2001 at 12:51:51PM -0000, Erland Sommarskog wrote:
Thomas Roessler <roessler(_at_)does-not-exist(_dot_)org> writes:
It should also be noted it's impossible to convert a
multipart/signed entity which contains 8bit body parts to any 7bit
format without breaking the signature. (Remember that MIME
explicitly forbids nested MIME encodings: Recoding has to happen on
the leaf level of a nested MIME structure.)
Since I know very little about this signing business, I'll have to
ask some really stupid questions.
What is in multipart/signed? Is it just the signature? Or is it any part
of the message that a human is supposed to read?
Mulitpart/signed, while probably the best of the singature forms, is not
suitable to USENET. It only signs the body. Signing the body is not
just the least interesting thing we can do in USENET (99.9% of all problems
come from forged headers, not modification of bodies) it can actually
have negative value, if it leads people to think the article is "signed"
and thus can be trusted in ways that it actually can't.