ietf-smime
[Top] [All Lists]

Re: The subject line leakage problem

2001-12-27 10:25:47

It seems that message/rfc822 is used to encapsulate an entire message.  In
this case, we want to repeat a subset of the RFC 822 header lines from the
current message, and we never want to duplicate the body.

I think this is the wrong way to go about it. If you want to protect an
entire message including its outermost headers, simply place the entire
message inside your protective envelope using the message/rfc822 construct.
Then strip the outer, unprotected header to its barest essentials.

The process is then reversed by the receiver.

This approach uses nothing but existing media types and can leverage existing
support for message/partial and message/rfc822. It doesn't require that you add
additional fields to your structures, with all the attendant deployment
problems that will cause.

The required support for message/rfc822 is attractive, but I am not sure
that is has the correct semantics.  Can you explain your idea further?

See above. At most what's needed here is an indicator in the protected content
that it is to be merged with the outer message header on receipt. That could
easily be done with either a message-context or a content-disposition field in
the protected content.

                                Ned

<Prev in Thread] Current Thread [Next in Thread>