[Top] [All Lists]

Re: Multipart non-clearsigned messages possible?

2002-09-10 21:22:13
While the protocol support the signing of arbitrary MIME objects, it would be quite difficult to write a mail client user interface that allows the user to select a subset of the message to be covered by the signature.  So, in practice, we have seen sign-it/do-not-sign-it as the user interface.

That said, I think that it is very likely that application-to-application communications will be developed that encrypt and sign selected portions of a larger data transfer.  I think this is likely because there is not a user interface issue.


At 11:40 AM 9/9/2002 +0100, Elanor Foley wrote:
Hello all,
This may seem like a silly question, but is it possible to have a multipart, non-clearsigned s/mime message?
My current thinking is
a) it's not possible: the whole message gets signed, including attachments.
b) it's possible: some part(s) of the message get signed, other parts, e.g. audio file, can be attached without being signed. The verification is only computed across the eContent inside the signedData anyway.
If b), does anyone know of an example I could look at (incl. headers)?
 - Lnr
<Prev in Thread] Current Thread [Next in Thread>