In article <199809171101(_dot_)EAA21438(_at_)mail(_dot_)proper(_dot_)com>,
Lindsay Mathieson
<lindsay(_at_)powerup(_dot_)com(_dot_)au> writes
RFC2311 (SMIME) and RFC1847 (upon which PGP/MIME has been based) only
allow MIME headers to be protected by the encryption process. Was there
any discussion during the preparation of RFC1847 about the possibility
/ desirability / feasibility of allowing general RFC822 headers to
be included in the encrypted part of the message?
Its quite acceptable to generate your message as a message/rfc822 mime type
and encrypt the entire body.
I had considered that (and had intended to mention it), but using
message/rfc822 doesn't quite give the same effect. In fact it wouldn't
work at all in the case of the Disposition-Notification-To header unless
the RFCs were modified.
The MIME headers within the encrypted body _replace_ the MIME headers in
the header of the message actually received, whereas the headers within
a message/rfc822 body don't. It would not be clear to the receiving MUA
whether the message/rfc822 were to be regarded as a forwarded message or
to be regarded as the original, fully encrypted, message.
Allowing RFC822 headers to be encrypted alongside the MIME headers would
unambiguously indicate that those headers were intended to be part of
the original message.
--
Ian Bell T U R N P I K E Ltd