Re: [nmh-workers] Additional features for S/MIME support

2019-09-28 20:24:16
if possible please keep that part generic enough to also work for
pgp/mime (https://tools.ietf.org/html/rfc3156). i strongly suspect that
there's fewer hoops to jump through for pgp/mime than for s/mime, so
supporting both shouldn't be onerous.

It looks like there's a fair amount of overlap.  Oh, there is one additional
bit of tooling I think is necessary: being able to specify the "raw" contents
of a multipart part when CREATING a message.

All of these seem like they are extra stuff that should be added to mhstore.

i'm not entirely sure how you envision that split between nmh and 'other
tools' to work, because you mention both generating s/mime messages
and mhstore at the same time.

Let me see if I can make it clear enough.  Here's my vague idea of
a sample script that would generate an S/MIME multipart/signed.  The
argument is a nmh draft file.  Pretend error checking is being done,
cleanup on exit, etc etc.


mhbuild -auto -directives $1
mhstore -file $1 -headers -outfile /tmp/newdraft.$$
mhstore -file $1 -toplevel -canonical -multicontent -outfile 
mhstore -file $1 -toplevel -multicontent -outfile /tmp/body.$$
[ ... command to sign the data in /tmp/body-canonical.$$, output in
  /tmp/signdata.$$ ]
echo "------" >> /tmp/newdraft.$$
echo "#begin signed; protocol=application/pkcs7-signature; micalg=sha-256" >> 
# This is a hypothetical syntax for including "pre-formed" multipart content
echo '#!<' >> /tmp/newdraft.$$
cat /tmp/body.$$ >> /tmp/newdraft.$$
echo "#application/pkcs7-signature; name=smime.p7s {attachment; filename=smime.p7s} /tmp/signdata.$$" >> /tmp/newdraft.$$
echo "#end" >> /tmp/newdraft.$$

mhbuild /tmp/newdraft.$$

exit 0

Does that make sense?  I'm not sure that's all 100% correct, but I think it
is kinda close.  What you would do with PGP/GPG is pretty close to that,
I think.
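
Why the script above needs both a canonical copy to sign and a way to insert the "pre-formed" part: the signature covers the exact octets of the first part, so the final build has to copy them unchanged. This is an added example, not part of the original message and not nmh code; it uses only the Python standard library, and the boundary, sample part and placeholder signature are constructed (no real PKCS#7 signing is done).

```python
import base64
import hashlib

BOUNDARY = "sig-example-boundary"            # constructed
PLACEHOLDER_SIG = b"not-a-real-pkcs7-blob"   # constructed; stands in for the signer's output
PART_LF = (b"Content-Type: text/plain; charset=us-ascii\n"
           b"\n"
           b"Pretend this is the draft body.\n"
           b"Second line.")                  # constructed body part, LF line endings

def canonicalize(part: bytes) -> bytes:
    """Normalize every line ending to CRLF, the form the signature is computed over."""
    return part.replace(b"\r\n", b"\n").replace(b"\r", b"\n").replace(b"\n", b"\r\n")

def build_signed(part: bytes, signature: bytes, boundary: str = BOUNDARY) -> bytes:
    """Assemble multipart/signed, copying the already-canonical part byte for byte."""
    b = boundary.encode()
    sig_b64 = base64.encodebytes(signature).replace(b"\n", b"\r\n")
    return b"".join([
        b'Content-Type: multipart/signed; protocol="application/pkcs7-signature";\r\n',
        b' micalg=sha-256; boundary="' + b + b'"\r\n\r\n',
        b"--" + b + b"\r\n", part, b"\r\n--" + b + b"\r\n",
        b"Content-Type: application/pkcs7-signature; name=smime.p7s\r\n",
        b"Content-Transfer-Encoding: base64\r\n",
        b"Content-Disposition: attachment; filename=smime.p7s\r\n\r\n",
        sig_b64, b"--" + b + b"--\r\n",
    ])

def signed_bytes(message: bytes, boundary: str = BOUNDARY) -> bytes:
    """Return the octets a verifier hashes: the first part, its MIME headers included.
    The CRLF in front of each boundary line belongs to the boundary, not the part."""
    delim = b"\r\n--" + boundary.encode()
    start = message.index(delim + b"\r\n") + len(delim) + 2
    return message[start:message.index(delim, start)]

def digest(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

def demo():
    canonical = canonicalize(PART_LF)
    signed_over = digest(canonical)          # what the signing command would hash
    copied = build_signed(canonical, PLACEHOLDER_SIG)
    # A builder that regenerates the part (here it refolds one header) instead of copying it
    refolded = canonical.replace(b"plain; charset", b"plain;\r\n charset")
    rebuilt = build_signed(refolded, PLACEHOLDER_SIG)
    return (digest(signed_bytes(copied)) == signed_over,
            digest(signed_bytes(rebuilt)) == signed_over)

if __name__ == "__main__":
    print(demo())
```

The first result is the byte-for-byte copy, whose digest still matches what was signed; the second is the regenerated part, which no longer matches even though it is the same MIME content.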


