ietf-smime
[Top] [All Lists]

RE: Interop Requirement for Signed Data formats

2004-03-27 17:49:30

On Sat, 27 Mar 2004, Paul Hoffman / IMC wrote:

At 12:17 PM -0500 3/26/04, Bonatti, Chris wrote:
Agree.  It should read:

There are two formats for signed messages defined for S/MIME:
application/pkcs7-mime with SignedData, and multipart/signed.
Sending agents MUST support the multipart/signed form, and SHOULD
support the application/pkcs7-mime form. Receiving agents SHOULD
be able to handle both.

Disagree with Chris, agree with Jim. The paragraph in the current
document should read:

There are two formats for signed messages defined for S/MIME:
application/pkcs7-mime with SignedData, and multipart/signed. In
general, the multipart/signed form is preferred for sending, and
receiving agents MUST be able to handle both.

Minor nit: multipart/signed also contains a PKCS7 SignedData object.

We have been over this a million times, and it is clear we can't come
to agreement. It's history vs. correct interaction with the rest of
email, and both have strong arguments in their favor.

I also agree.  Nevertheless, it might be worth a stronger warning that
multipart/signed has a greater risk of being mangled by non-compliant
mail handling software.  Many examples of this have been discovered in
mailing list software.  At least one I know of mangles the message so
badly that the plaintext is rendered unreadable by common agents.

Eric Norman

        "Congress shall make no law restricting the size of integers
        that may be multiplied together, or the number of times that
        an integer may be multiplied by itself, or the modulus by
        which an integer may be reduced".


<Prev in Thread] Current Thread [Next in Thread>