On Tue, 16 Jul 2002 13:07:55 +0900, Dave Crocker
<dave(_at_)tribalwise(_dot_)com> said:
The originator sends multipart/alternative content, such as html and
text/plain. The sending MTA invokes conneg and sends only the content
format that the receiving mailing list server is willing to accept.
This becomes bletcherously messy if you also want to support multipart/signed.
Rather than have this:
multipart/signed
multipart/alternative
text/html
text/plain
application/signature
you need to do this:
multipart/alternative
multipart/signed
text/plain
application/signature
multipart/signed
text/html
application/signature
(I'll overlook the fun if it's a multipart/encrypted to some previously
distributed key (software distribution, etc), and the fact that this means
you have to poke around *two* levels down to see which alternative you want).
This gets *particularly* interesting if posting to two lists that have
distinct policies - whereas in the first case you have one signature that
binds the two text/ parts together as an entity, in the second case you have
two separate signatures over different objects. This leads to an interesting
"talking out both sides of your mouth" attack, where you can appear to post
the same thing to different lists, but different parts get rejected by
different lists leaving each constituency with a different signed object that
they think is the SAME as the other list got. (Imagine a mailing list of
shareholders that accepts HTML, and a mailing list of upper management that
accepts text/plain, and run with that a bit.. ;)
--
Valdis Kletnieks
Computer Systems Senior Engineer
Virginia Tech
pgpmpqJaOkhfb.pgp
Description: PGP signature