Keith;
MIME developers are.
MIME is too much e-mail centric.
Whether one use content-type or file name is irrelevant to mail
security, just as whether one use uuencode or base64 is
irrelevant, on both of which MIME developers wasted a lot of time.
It also
produced mail readers that didn't properly label content on outgoing mail and
ignored the content-type parameter on incoming mail, instead looking at the
suffix of a nonstandard "filename" parameter (which was only intended for use
with application/octet-stream).
On most OSes, including but not limited to UNIX, that's the way to
designate content types of files.
MIME should have followed the practice and IANA could be the central
authority to register filename extensions with their possible security
holes.
Instead, MIME developers arrogantly claimed that OSes should be
modified to support MIME content-type (and even that text files
on OSes should use MIME format to support other tags such as
charset).
Rest of us righteously ignored it.
Words that come to mind to describe this include: Willful, Criminal, and
Negligence.
Exactly. But, see above.
Masataka Ohta