ietf-smime
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

SV: SV: MIME-Version or not?

2006-06-07 04:51:40
from [Joachim Abrahmsén] [Permanent Link] 

Well, I thought the RFC's where designed to handle all cases you mention,
i.e. (a), (b) and (c) below, even if we only use case (a) for now. We prefer
not to make any assumptions about the contents of the inner object and would
like to follow the RFC's in order to achieve interoperability, even with
implementors outside our group (Swedish energy sector).

When I read section 3.1 of RFC 2311 (S/MIME v2) and RFC 3851 (S/MIME 3.1) I
would say that 'MIME-Version' should be included in both inner and outer
MIME-entity as they are unrelated.

Should there be 'MIME-Version' or not in the _inner_ MIME-entity of an
S/MIME enveloped e-mail?
Is there a contradiction between the RFC's, or are we missing something?


Best regards

Joachim Abrahmsén



Thank you for your response,



please note that the question is whether the _inner_ MIME-entity should

have

MIME-Version included or not.



They argue as follows:



"Here are some arguments why the MIME-version header field should not be
required in an inner entity of a S/MIME message. I have chosen to refer to
the most recent RFC versions since these hopefully address some of the
ambiguities of the preceding versions.



In RFC 2045 (MIME Part One) chapter 3 "MIME Header Fields" the formal
definition of "entity-headers" does not contain the version header. The
version header is only part of "MIME-message-headers". And since RFC 3851
(S/MIME Version 3.1) concerns securing "MIME entities" it seems reasonable
to require the "entity-headers" to be included in the inner MIME entity

but

not the "MIME-message-headers". Of course the outer S/MIME message itself
should have a version header. This itself implies (per definition) that

the

contents (inner entity) is a MIME entity which thereby is described by the
"entity-headers" Content-Type etc."



I would be very happy to settle, this.


The key question is whether or not the inner object can be (a) a MIME
object, (b) an RFC 822 message, or (c) Something else. If only (a) is
possible then you're dealing with a MIME entity and the MIME version field
is superfluous. If (b) or (c) are possible then you're supposed to include
the field and use it to tell whether or not you're dealing with a MIME
object. (In practice most agents assume MIME is being used when they see
a competent content-type field, irrespective of MIME-Version. But this
isn't what the specifications call for.)

                                Ned
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: SV: MIME-Version or not?, Ned Freed
Next by Date:  RE: SV: MIME-Version or not?, Bonatti, Chris
Previous by Thread:  Re: SV: MIME-Version or not?, Ned Freed
Next by Thread:  RE: SV: MIME-Version or not?, Bonatti, Chris
Indexes:  [Date] [Thread] [Top] [All Lists]