I like #2. As one of the authors of 1847 I've got a short list of
updates that could also be incorporated.
I'm volunteering to do this if you agree.
Jim
--
James M. Galvin <galvin(_at_)acm(_dot_)org>
On Fri, 5 Oct 2001, Housley, Russ wrote:
Date: Fri, 05 Oct 2001 16:51:09 -0400
From: "Housley, Russ" <rhousley(_at_)rsasecurity(_dot_)com>
To: Blake Ramsdell <blaker(_at_)tumbleweed(_dot_)com>
Cc: "'ietf-smime(_at_)imc(_dot_)org'" <ietf-smime(_at_)imc(_dot_)org>
Subject: Re: multipart/signed clarifications
Blake:
I like #1, as long as it includes some examples.
Russ
At 11:48 AM 10/5/2001 -0700, Blake Ramsdell wrote:
>Siegfried Schmitt mentioned in private email that using S/MIME with
detached
>signatures (multipart/signed) could use some clarification, and I agree.
>There is always confusion about what exact data needs to be digested in
>order to create the signature. However, this is a problem that transcends
>all multipart/signed implementations, and is not just limited to S/MIME.
>
>Off the top of my head, I see some options:
>
>1. Create a new draft to supplement RFC1847 ("implementation notes for
>security multiparts")
>
>2. Reissue RFC1847 with modifications
>
>3. Stick some more verbiage in the new MSG draft, along with some examples
>
>These are in order of my personal preference. I know that there are
>implementors out there that can contribute to this, and I know that OpenPGP
>uses RFC1847 also, so a separate draft benefits everyone.
>
>Any comments?
>
>Blake
>--
>Blake C. Ramsdell, Tumbleweed Communications
>Voice +1 425 376 0225 x103 Fax +1 425 376 0915