[Top] [All Lists]

Re: multipart/signed clarifications

2001-10-06 07:32:42

I like #2.  As one of the authors of 1847 I've got a short list of
updates that could also be incorporated.

I'm volunteering to do this if you agree.


James M. Galvin <galvin(_at_)acm(_dot_)org>

On Fri, 5 Oct 2001, Housley, Russ wrote:

    Date: Fri, 05 Oct 2001 16:51:09 -0400
    From: "Housley, Russ" <rhousley(_at_)rsasecurity(_dot_)com>
    To: Blake Ramsdell <blaker(_at_)tumbleweed(_dot_)com>
    Cc: "'ietf-smime(_at_)imc(_dot_)org'" <ietf-smime(_at_)imc(_dot_)org>
    Subject: Re: multipart/signed clarifications
    I like #1, as long as it includes some examples.
    At 11:48 AM 10/5/2001 -0700, Blake Ramsdell wrote:
    >Siegfried Schmitt mentioned in private email that using S/MIME with 
    >signatures (multipart/signed) could use some clarification, and I agree.
    >There is always confusion about what exact data needs to be digested in
    >order to create the signature.  However, this is a problem that transcends
    >all multipart/signed implementations, and is not just limited to S/MIME.
    >Off the top of my head, I see some options:
    >1. Create a new draft to supplement RFC1847 ("implementation notes for
    >security multiparts")
    >2. Reissue RFC1847 with modifications
    >3. Stick some more verbiage in the new MSG draft, along with some examples
    >These are in order of my personal preference.  I know that there are
    >implementors out there that can contribute to this, and I know that OpenPGP
    >uses RFC1847 also, so a separate draft benefits everyone.
    >Any comments?
    >Blake C. Ramsdell, Tumbleweed Communications
    >Voice +1 425 376 0225 x103  Fax +1 425 376 0915

<Prev in Thread] Current Thread [Next in Thread>