pem-dev

Re: Signed objects vs. signed comments

1993-04-30 14:44:00
But suppose that I have a piece of text, perhaps a draft of a contract, which I
want to protect from undetected modification, but I am not ready to sign
officially. What I would like to be able to do is make up a two part document,
with one part being the baseline text and the second part being a comment such
as "I concur, but only if the following changes are made."

I want to digitally sign both parts, so that neither part can be modified
without detection, but it must not be possible to delete the comments and have
my signature appear to apply to only the baseline text.

Can this be done with the PEM-MIME capabilities being discussed now? If so, I
think it will add substantially to the usability of PEM.

There are two parts to this problem. The first is one of semantics -- what does
a signature actually _mean_ anyway? The second is one of structure -- can you
apply different and possibly overlapping signatures to different parts of a
message?

MIME-PEM deals with the structure problem. MIME recasts messages into a kind of
tree structure -- you can have multiple branches at any level and the leaves
are, of course, body parts. MIME-PEM lets you sign (and possibly encrypt) any
branch of the tree. You can enhance the entire tree that comprises the message,
an entire branch, individual leaves, or any combination you like. Moreover,
you can enhance some piece of the tree and subsequently re-enhance some
larger piece that includes that piece.

In other words, MIME-PEM provides the tools you need both to sign different
parts in different ways and to sign something that includes other signed
entities.

However, MIME-PEM does not deal with what a signature means. As such, if you
sign a multipart message where one part contains your document and the other
part contains your comments, nobody can tamper with either the document or your
comments, nor can they separate the two. But does your signature "apply" to the
baseline text? That's semantics beyond the scope of MIME-PEM, and possibly
beyond the scope of PEM as well (I don't know for sure).

You could of course make it clear in your comment that your signature only
warrants that you really said what you said about this specific enclosed
document whose origin is (possibly) unknown. You could even define a new MIME
type that carries these semantics for you in a mechanical way. Or you could
sign the comment by itself as one entity (i.e. the actual author) and then
re-sign the entire package as another entity (i.e. the packager who asserts
that this comment does in fact belong to this document).

Alternately or simultaneously, the document itself could have a signature of
its own that warrants its authenticity as having come from some other
legitimate source. This signature would be left intact inside of your signed
enclosure.

So, as you can see, while MIME-PEM gives you the software tools you need to do
this sort of stuff, you do have to deal with the semantics in some way. And
while it would be possible to build some of the semantics for this into the
MIME-PEM framework (using existing MIME tools) we need to lay the groundwork
first. Besides, not only does the extensible nature of MIME make it very easy
to add this sort of thing later in a painless way, it makes it easy for you to
experiment privately with whatever framework enhancements you think are useful.
I for one would certainly encourage you to do this.

                                Ned
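
The layered structure Ned describes (a document carrying its own author
signature, a comment signed by the reviewer, and an outer "packager" signature
binding the two together) as an added worked example. This is not code from
the pem-dev thread or from any PEM/MIME-PEM implementation: a textbook RSA
signature over toy Mersenne-prime keys stands in for a real PEM signature, and
the JSON "entity" wrapper is an assumed stand-in for MIME-PEM framing. The
keys, the sample document and the comment text are all constructed here. What
it shows is the structural point: the comment cannot be stripped, nor the
document altered underneath it, without the outer signature failing, while the
inner signatures still tell you which part (if any) remains genuine.

```python
"""Nested signatures over a document + comment package (added example)."""
import copy
import hashlib
import json

E = 65537  # RSA public exponent


def toy_keypair(p, q):
    """Textbook RSA key from two primes. Toy-sized, demonstration only."""
    n = p * q
    d = pow(E, -1, (p - 1) * (q - 1))
    return (n, E), (n, d)


def digest(data: bytes) -> int:
    return int.from_bytes(hashlib.sha256(data).digest(), "big")


def sign(priv, data: bytes) -> int:
    n, d = priv
    return pow(digest(data) % n, d, n)


def verify(pub, data: bytes, sig: int) -> bool:
    n, e = pub
    return pow(sig, e, n) == digest(data) % n


def canon(entity: dict) -> bytes:
    """Canonical bytes for an entity (assumed stand-in for MIME-PEM framing)."""
    return json.dumps(entity, sort_keys=True, separators=(",", ":")).encode()


def enhance(entity: dict, signer: str, priv) -> dict:
    """Sign an entity as `signer`; the wrapper carries content plus signature."""
    return {"content": entity, "signer": signer, "sig": sign(priv, canon(entity))}


def check(wrapped: dict, pub) -> bool:
    return verify(pub, canon(wrapped["content"]), wrapped["sig"])


# Toy keys built from Mersenne primes (assumption: illustrative only, never real use).
AUTHOR_PUB, AUTHOR_PRIV = toy_keypair(2**89 - 1, 2**127 - 1)
REVIEWER_PUB, REVIEWER_PRIV = toy_keypair(2**61 - 1, 2**107 - 1)

# Constructed sample content: the baseline document signed by its author, and
# the reviewer's comment signed by the reviewer as "actual author" of the comment.
DOCUMENT = enhance({"type": "text/plain", "body": "Draft contract v3 ..."},
                   "author", AUTHOR_PRIV)
COMMENT = enhance({"type": "text/plain",
                   "body": "I concur, but only if clause 4 is struck."},
                  "reviewer", REVIEWER_PRIV)


def package(document: dict, comment: dict, priv) -> dict:
    """Outer signature, in the packager role, over the multipart holding both parts."""
    multipart = {"type": "multipart/mixed", "parts": [document, comment]}
    return enhance(multipart, "reviewer-as-packager", priv)


PACKAGE = package(DOCUMENT, COMMENT, REVIEWER_PRIV)


def strip_comment(pkg: dict) -> dict:
    """Attacker drops the comment but keeps the outer signature as-is."""
    forged = copy.deepcopy(pkg)
    forged["content"]["parts"] = [forged["content"]["parts"][0]]
    return forged


def alter_document(pkg: dict, new_body: str) -> dict:
    """Attacker edits the baseline text inside the signed package."""
    forged = copy.deepcopy(pkg)
    forged["content"]["parts"][0]["content"]["body"] = new_body
    return forged


def audit(pkg: dict):
    """Return (outer packager sig ok, inner document sig ok, comment sig ok)."""
    parts = pkg["content"]["parts"]
    outer_ok = check(pkg, REVIEWER_PUB)
    doc_ok = check(parts[0], AUTHOR_PUB)
    comment_ok = len(parts) > 1 and check(parts[1], REVIEWER_PUB)
    return outer_ok, doc_ok, comment_ok


if __name__ == "__main__":
    print("intact:          ", audit(PACKAGE))
    print("comment stripped:", audit(strip_comment(PACKAGE)))
    print("document altered:", audit(alter_document(PACKAGE, "clause 4 deleted")))
```

Run stand-alone it prints `(True, True, True)` for the intact package,
`(False, True, False)` once the comment is stripped (the document's own
signature still verifies, so a reader who only checks the inner part would be
fooled, which is exactly why the outer signature must be checked), and
`(False, False, True)` once the baseline text is altered (the comment is still
genuinely the reviewer's, but the outer signature no longer binds it to this
document). The same key is used for both reviewer roles here; in the scheme
Ned sketches the two wrappers differ in what they assert, not necessarily in
key.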
