This email about encrypting the subject reminded me of a more general issue
that I wanted to bring up here. I think that the current PGP/MIME standard
has a very annoying flaw that is relatively easy to fix. Here's a short
description:
There is no distinction between PGP/MIME data and regular RFC2440 data,
although all it would take is a flag in the Literal packet. This way, if I
saved the PGP MESSAGE from an application/pgp-encrypted MIME chunk (which is
doable even with MUAs ignorant of PGP/MIME), I could still decrypt it into a
usable file (e.g. a jpeg image).
I would suggest the following modification of RFC2440bis-14:
5.9. Literal Data Packet (Tag 11)
A Literal Data packet contains the body of a message; data that is
not to be further interpreted.
The body of this packet consists of:
- A one-octet field that describes how the data is formatted.
If it is a 'b' (0x62), then the literal packet contains binary data.
If it is a 'm' (0x6D), then the literal packet contains data in MIME
canonical format.