At 2:44 PM -0500 12/21/01, Housley, Russ wrote:
First, he is pleased to see the working group addressing the subject line
issue. While this issue was not part of his initial concerns, he agrees
that it deserves a solution.
Non-To: headers are of concern, but they are a completely different
beast than To: headers with respect to Don's draft.
Second, he would like to see the working group mandate the inclusion of the
TO, CC, and FROM lines whenever encryption and signature are used
together.
Why only those headers? Other headers are also important. Date: comes to mind.
As he explained in is I-D, he does not believe that many users
are able to understand the interaction between signing, encrypting, or both
(in either order).
True.
Third, he would like to see the TO, CC, and FROM lines automatically
processed by the receiving mail agent software. While he acknowledges the
issues associated with BCC, mail lists, and so on, he firmly believes that
the people writing the software understand the situation much better than
mass market e-mail users.
True.
Fourth, he would like to see the working group mandate the inclusion of the
TO, CC, and FROM lines whenever the sending agent or the receiving agent
represents a human. In other words, computer-to-computer communications
may not need these to be protected.
And we determine that how?
--Paul Hoffman, Director
--Internet Mail Consortium