A discussion started over on the international mail list, but the question
I had seemed more appropriate for ietf-smtp and ietf-822. I've Bcc'ed the
international mail list.
On 7/8/98 at 7:21 PM -0700, Ned Freed wrote:
> You have to check for and make sure not to change anything within a
> multipart/signed. (Multipart/encrypted is a nonissue, as the entire part is
> encoded.) If the multipart/signed contains 8bit I currently default to sending
> it through untouched, which of course is technically illegal but works often
> enough that it rarely results in a problem. I also support configurations
> where the signature is simply removed in such cases, either with or without an
> attempt to verify.
> Note, however, that the contents of multipart/signed are supposed to be
> 7bit-friendly when multipart/signed is used with potentially 7bit-only
> transports like SMTP. Unfortunately clients exist that botch this.
So I was thinking: Would it be reasonable for us to create a field for the
signature sort of like:
which would indicate the CTE used to compute the signature? That way, if an
MTA does downgrade a message, the signature can still be verified because
you can always recover the original content after a downgrade.
The rule for gateways would be: When downgrading a multipart/signed which
already has a Content-Signed-Part-Encoding, preserve that field exactly as
it was. If there is no Content-Signed-Part-Encoding, add one.
Anyone who's currently following the rules and sending 7bit encodings would
still be fine. Anyone who's breaking the rules and sending 8bit or binary
encodings without any labeling may get some help during the downgrade. The
only problem's going to be recipients who can't verify the signature
because they don't recognize to upgrade back to the CSPE, but there was
some chance that those would fail anyway because the originator sent 8bit
blindly in the first place.
Pete Resnick <mailto:presnick(_at_)qualcomm(_dot_)com>
Work: (217)337-6377 or (619)651-4478
Fax: (217)337-1980 or (619)651-1102
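
The gateway rule and the recipient-side recovery proposed in this message, sketched as an added example that is not code from the thread. A SHA-256 digest stands in for the signature, and carrying Content-Signed-Part-Encoding on the multipart/signed header is an assumption, since the message does not show the field's syntax.

```python
import hashlib
import quopri

CTE = "Content-Transfer-Encoding"
CSPE = "Content-Signed-Part-Encoding"  # field name proposed in the message

def digest(part_headers, body):
    # Stand-in for a real signature: hash over the part's CTE header and body.
    head = f"{CTE}: {part_headers[CTE]}\r\n\r\n".encode("ascii")
    return hashlib.sha256(head + body).hexdigest()

def gateway_downgrade(mp_headers, part_headers, body):
    """Downgrade an 8bit signed part to quoted-printable, recording the original CTE."""
    if part_headers[CTE].lower() != "8bit":
        return mp_headers, part_headers, body      # already 7bit-safe: touch nothing
    mp = dict(mp_headers)
    mp.setdefault(CSPE, part_headers[CTE])         # preserve if present, else add
    part = {**part_headers, CTE: "quoted-printable"}
    return mp, part, quopri.encodestring(body)

def restore_signed_form(mp_headers, part_headers, body):
    """Verifier side: undo the downgrade so the bytes match what was signed."""
    signed_cte = mp_headers.get(CSPE, part_headers[CTE])
    current = part_headers[CTE].lower()
    if signed_cte.lower() == current:
        return part_headers, body
    if (signed_cte.lower(), current) == ("8bit", "quoted-printable"):
        return {**part_headers, CTE: signed_cte}, quopri.decodestring(body)
    raise ValueError(f"cannot upgrade {current} back to {signed_cte}")

def demo():
    part = {CTE: "8bit"}
    # Constructed sample body containing 8bit (UTF-8) characters.
    body = "Gr\u00fc\u00dfe aus K\u00f6ln\r\nsigned text\r\n".encode("utf-8")
    sig = digest(part, body)
    mp, d_part, d_body = gateway_downgrade({}, part, body)
    naive_ok = digest(d_part, d_body) == sig             # verify as received
    r_part, r_body = restore_signed_form(mp, d_part, d_body)
    restored_ok = digest(r_part, r_body) == sig          # verify after upgrade
    return naive_ok, restored_ok, mp[CSPE]

if __name__ == "__main__":
    print(demo())
```

A recipient that ignores the field sees the first result (verification fails on the downgraded bytes); one that upgrades back to the recorded encoding sees the second.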