[Top] [All Lists]

Re: [openpgp] Work items for openpgp relaunch: Content-type equivalent

2015-03-15 15:13:05
Hi Werner,

On 03/15/2015 08:43 PM, Werner Koch wrote:
On Sat, 14 Mar 2015 21:49, tbray(_at_)textuality(_dot_)com said:

There’s one missing piece, the equivalent of HTTP Content-type.  You can
easily encrypt anything - a message, a picture, a video - and send it off

What about using RFC-3156 PGP/MIME and set the Content-type? 

If setting the Content-type to something different than
"application/octet-stream" would leak the Content-type to others or do
you have a different usage in mind?

There are related problems to this:
- RFC 3156 only considers the usage of ASCII armored data, we also like
to share encrypted binary files.
- Currently we "share" a blob with Content-type
"application/octet-stream", while we actually want something more
concrete that identifies OpenPGP-encrypted blobs. We don't use
"application/pgp-encrypted" as it is specified to only hold the version

IIRC, a new flag 'm' for the Literal Data Packet was once suggest to
indicate the data has a MIME structure.  That would allow to convey all
kind of meta information using a matured standard.

The related draft is here:

I like this approach as it hides the MIME type in the encrypted header.
Having this and a MIME type for OpenPGP-encrypted blobs would solve the
problem for us, what about "application/pgp-encryption"?

Maybe I am overseeing something, so any pointers are appreciated :)


Attachment: signature.asc
Description: OpenPGP digital signature

openpgp mailing list
<Prev in Thread] Current Thread [Next in Thread>