At 1:37 PM -0800 12/17/01, Hallam-Baker, Phillip wrote:
On the 'replace other headers', the problem there is that we
end up back in
the rat-hole. People will propose all sorts of random
headers ad infinitum.
That doesn't matter because RFC 2822 allows you to add as many
ill-conceived headers as you want to a message.
And others will counter that there are integrity problems
and then we have
the interop issue, etc.
There is no interop issue. What I proposed was that headers found in
the body part be *displayed* in the message, not substituted into the
message for storage. It's a user presentation hack, not a message
I don't think that the problem is big enough to require a
whole new S/MIME
spec to solve, just a minor tweak to implementations.
--Paul Hoffman, Director
--Internet Mail Consortium
First, this is an issue for signed as well as encrypted messages. You
want to protect the subject for signed messages as well as hide the
subject for encrypted messages.
Second, the solution of putting items here solves the problem for
MIME/Internet mail. But I think that we need to ask the X.400
communities if they want the problem solved for them as well.
Third, I worry about what happens for forms type messages. Using the
multipart may take care of this however. We initially had a "bug" in
Microsoft Outlook Express where we place the 822 headers in the body of
the message, and then populated the display headers from this
information. I agree that this is a bad solution and should not be