ietf-smime
[Top] [All Lists]

Re: application/mime and binary data

1997-07-30 11:54:53
At 5:10 PM -0400 7/28/97, John Gardiner Myers wrote:
multipart/signed
takes care of the "transparent signed" problem only.

Wrong.

Multipart/signed solves both problems.  It does this because it places no
restrictions on the object that was signed.  It can be transparent or not,
according to context.

Multipart/signed declares by fiat that its contents are opaque.  In theory,
this means the signed object can be left readable, i.e., unarmored, and
therefore even user agents that are not security aware can "process" the
object.  In practice, however, we all know this doesn't work because
multipart/signed objects are not treated as opaque by gateways.

Further, although application/(signed or mime) guaratees the opaqueness, I
don't see it as a big win.  It seems to me it's more of a "the end
justifies the means", if the end is actually accomplished.

I say this because with it we have two options where we used to have one
and now we have to choose every time we send a message.  And don't even
suggest that user agents are somehow going to decide for the user, except
perhaps that they'll set a default (which will no doubt be application/*).
So, while it may be a technical move forward, it's not making things any
easier for the user.

How can this be a win?

Jim

----------------------------------------------------------------------------
James M. Galvin                                          
galvin(_at_)commerce(_dot_)net
CommerceNet                                                  +1 410.203.2707
3209A Corporate Court                                    FAX +1 410.203.2709
Ellicott City, MD 21042                             http://www.commerce.net/



<Prev in Thread] Current Thread [Next in Thread>