-----Original Message-----
From: owner-ietf-smime(_at_)mail(_dot_)imc(_dot_)org
[mailto:owner-ietf-smime(_at_)mail(_dot_)imc(_dot_)org] On Behalf Of Russ
Housley
Sent: Thursday, April 22, 2004 7:26 AM
To: ietf-smime(_at_)imc(_dot_)org
Subject: Fwd: RE: Last Call: 'S/MIME Version 3.1 Message
Specification' to Proposed Standard
Does the S/MIME WG have a response to this comment? I
suspect so. Please
coordinate a response and send it to iesg(_at_)ietf(_dot_)org before
Last Call expires.
I may be missing the exact details here, so people can jump in where I'm
misguided.
Basically this is a multipart/signed message where a signature was
applied, and an entity that performed intermediate processing
deliberately violated section 2.1 of RFC1847 which states:
<verbatim>
The entire contents of the multipart/signed container must be treated
as opaque while it is in transit from an originator to a recipient.
Intermediate message transfer agents must not alter the content of a
multipart/signed in any way, including, but not limited to, changing
the content transfer encoding of the body part or any of its
encapsulated body parts.
</verbatim>
So is this "From mangling" problem prevalent enough to warrant special
treatment in the S/MIME spec is the question here, since it's already
been stated that you shouldn't do it. Based on the lack of discussion
and consensus when this issue was first brought up, we need to
understand the community feel better. That is, is this particular
mangling more prevalent than the other issues that aren't currently
discussed in the spec (are there whitespace issues we need to think
about, for instance)?
Blake