At 6:07 PM -0700 4/22/04, Blake Ramsdell wrote:
Basically this is a multipart/signed message where a signature was
applied, and an entity that performed intermediate processing
deliberately violated section 2.1 of RFC1847 which states:
<verbatim>
The entire contents of the multipart/signed container must be treated
as opaque while it is in transit from an originator to a recipient.
Intermediate message transfer agents must not alter the content of a
multipart/signed in any way, including, but not limited to, changing
the content transfer encoding of the body part or any of its
encapsulated body parts.
</verbatim>
Correct. The final MTA doesn't give a hoot about RFC 1847 and
modifies some part of the message without even noticing the MIME,
much less anything special in the MIME.
So is this "From mangling" problem prevalent enough to warrant special
treatment in the S/MIME spec is the question here, since it's already
been stated that you shouldn't do it. Based on the lack of discussion
and consensus when this issue was first brought up, we need to
understand the community feel better. That is, is this particular
mangling more prevalent than the other issues that aren't currently
discussed in the spec (are there whitespace issues we need to think
about, for instance)?
This form of mangling is common, so I think it is worth a short
mention in the document. However, that's just a mention, not a new
MUST/SHOULD/MAY. Maybe along the lines of:
Note that it is common for SMTP agents to change the body of
messages, such as to add a ">" before the word "From " at the
beginning of a line in a message body. If such agents ignore the
rules of RFC 1847, there is nothing that an S/MIME agent can do about
it.
(As a side note, From-mangling could affect a multipart/encrypted
message, but that is far less likely to be able to happen.)
--Paul Hoffman, Director
--Internet Mail Consortium