[Top] [All Lists]

Re: Fwd: The state of PKI-related MIME-type standards

2006-10-16 19:11:26

>> From: "Anders Rundgren" <anders(_dot_)rundgren(_at_)telia(_dot_)com>
>> To: <ietf-pkix(_at_)imc(_dot_)org>
>> Subject: The state of PKI-related  MIME-type standards
>> Date: Wed, 27 Sep 2006 00:18:26 +0200
>> Regarding "right" schemes, it appears that the IANA process is
>> incompatible with the development situation since you cannot get a
>> name without having an RFC and then your development gets stuck in a
>> process you have no control over.  Due to this you must "begin" with
>> an x- extension that (if your stuff is successful), will be impossible
>> to replace since you have no control of the other implementations.
>> And there you is ;-|

It's been ten years and best practice is "accept both x-pkcs7-signature
and pkcs7-signature" (repeat for the other MIME types defined in the MSG
RFC) today, as evidenced by two mainstream clients (at least one of
which I don't think even existed during the x-pkcs7-signature days) that
emit this.

So as "a group that uses MIME types" I'm not sure what we can do. If we
open the MSG RFC again, we can clarify that some people use X- and
however naughty that is, you MUST accept it. But then again,
contemporary clients MUST NOT emit it. But then again, some (out of
spec) clients might ONLY accept that version... Yaaa.

As a somewhat MIME-specific observation, the only way I can see to avoid
this is to never, ever rename your MIME type, which might mean never
ever have an X- version of your MIME type.

This is indeed the right approach. x- is in retrospect a bad idea.

And I'm not sure that this is compatible with MIME type procedure.

I know of no conflict with current procedures. If you're going after a
standards tree type, simply write your draft using the name you want. There has
never been a case of a conflict -  it isn't like the type namespace is so tiny
that there's appreciable risk of someone steaking your type name out from under

If, OTOH, you want a type in the vendor or personal tree, nothing prevents
you from registering these as soon as you come up with the name.

I imagine that this has been
discussed before in the MIME community, but I personally don't know how
it came out.

I don't know of any specific discussion, which makes me think that this
has become a nonissue.