I don't remember if this was changed in the S/MIME V2 spec or not,
however there was a general agreement among the S/MIME developers at the
last RSA workshop that we would restrict ourselfs to the case where the
security was applyed only once and only as the top level object.
This should change with people starting to implement the V3 spec, we
should handle security at any level and to any depth in the mime stream.
However don't be suprised if some clients only handle the restricted
case.
Jim Schaad
Microsoft
-----Original Message-----
From: Paul Hoffman / IMC [mailto:phoffman(_at_)imc(_dot_)org]
Sent: Wednesday, January 28, 1998 9:52 AM
To: ietf-smime(_at_)imc(_dot_)org
Subject: Re: Question about signing attachments separately
Karen missed Mark's point. If you have a MIME entity such as a
multipart/mixed,
you have the option of treating that as a single entity and signing it,
or
signing each sub-entity. I believe the current S/MIME spec is silent on
this
choice, but I suspect that some implementations may not handle
signatures on
non-nested subentities very well.
--Paul Hoffman, Director
--Internet Mail Consortium