[Top] [All Lists]

Re: The subject line leakage problem

2001-12-21 19:40:33

This is getting much more complicated than it needs to be, and is
likely to break interoperability with non-enhanced clients.

The simplest thing to do is to say:
- Senders should put the minimum that they want in the unprotected headers
- Senders include as much as they want protected in a
text/rfc822-header part at the beginning of a multipart/mixed message
- Enhanced clients should display the message with the headers from
the text/rfc822-header part moved to where the user thinks he/she
sees the headers. In the case of headers that are in both in the 822
message and in the text/rfc822-header body part, the latter wins
(because it is protected)

Even simpler than this is to use message/rfc822. It has the advantage that
conformant MUAs are supposed to handle it. There is no such requirement for

- The moved-up headers may cause side-effects that the MUA should act
on. For example, if the Cc: in the 822 headers is "bill(_at_)example(_dot_)com"
but the Cc: in the protected headers is "amy(_at_)example(_dot_)com", the "reply
to all" action should include amy but not include bill.

The rules for header merging from message/partial can probably be applied