...
Since the discussion in this thread is
all very relevant, let me revise my example to show that the problem
is still there:
[ example with header containing untrusted information deleted ]
Since the MIME-PEM integration enhances body parts, the tight, clearly
identifiable binding between verification and the contents of the body
part is easily conveyed. Not that an implementation couldn't get it
wrong, but it would be difficult :-) Of course, incorrectly
identifying the scope of the enhancement is as much a bug as not
properly verifying the signature.
For example, modify the headers on this message to your heart's
content. TIS/PEM, the implementation that I use, will show me the
headers without any notion of trust, it will identify the following
body part (this text) as signed, will verify the signature, then show
me the body part. The scope of the enhancement is very clear to me as
the recipient. If you add additional body parts, in series or by
nesting this one, the scope of trust is still clear.
Just as people must learn not to trust unsigned messages, they must
learn not to trust unsigned portions of messages, including headers.
Otherwise, no form of digital signature will fly. User agents must
make the scope clear. The binding between body parts and enhancement
in the MIME-PEM model makes this easier.
Mark
binjTEFo67zkB.bin
Description: application/pem-signature
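Mark's point, that the signature is bound to an identifiable body part while the message headers sit outside it, is easy to see in code. The following is an added example and is not from the thread, from TIS/PEM, or from the MIME-PEM specification. It assumes an HMAC-SHA256 over the canonical body part as a stand-in for the RSA signature a real application/pem-signature part carries, so it runs with only the Python standard library; the key, boundary, addresses and message text are constructed. The toy user agent parses a multipart message, reports the headers as unsigned, verifies the body part that precedes a signature part, and reports any additional parts added in series as unsigned, which is exactly the scope picture the thread wants the recipient to get.

```python
"""Toy MIME-PEM-style user agent that reports what a signature covers.

Added example (not part of the original thread or of TIS/PEM). An HMAC-SHA256
over the canonical body part stands in for the RSA signature that a real
application/pem-signature part would carry; this is an assumption made so
the example runs with the standard library alone.
"""
import hashlib
import hmac
from email import policy
from email.parser import BytesParser

KEY = b"constructed-demo-key"     # constructed; stands in for the signer's key pair
BOUNDARY = b"demo-boundary"       # constructed
SIG_TYPE = "application/pem-signature"

# Constructed signed body part. It ends without a CRLF because, per RFC 2046,
# the line break before a boundary belongs to the boundary, not to the part.
SIGNED_PART = (b"Content-Type: text/plain\r\n"
               b"\r\n"
               b"For example, modify the headers on this message to your heart's content.")


def parse(raw: bytes):
    """Parse bytes into an EmailMessage using the modern email policy."""
    return BytesParser(policy=policy.default).parsebytes(raw)


def canonical(part) -> bytes:
    """Canonical bytes of a body part: its own headers plus body, CRLF line ends."""
    return part.as_bytes(policy=policy.SMTP)


def sign_part(part_bytes: bytes) -> bytes:
    """Hex HMAC over the canonical form of one body part (the signature stand-in)."""
    digest = hmac.new(KEY, canonical(parse(part_bytes)), hashlib.sha256)
    return digest.hexdigest().encode()


def build_message(signed_part: bytes, extra_parts=()) -> bytes:
    """Assemble: unsigned headers, the signed part, its signature part, then
    any extra parts appended in series (which nothing signs)."""
    sig_part = b"Content-Type: " + SIG_TYPE.encode() + b"\r\n\r\n" + sign_part(signed_part)
    parts = [signed_part, sig_part, *extra_parts]
    body = b"".join(b"--" + BOUNDARY + b"\r\n" + p + b"\r\n" for p in parts)
    body += b"--" + BOUNDARY + b"--\r\n"
    headers = (b"From: mark@example.test\r\n"       # constructed address
               b"Subject: MIME-PEM scope demo\r\n"
               b"MIME-Version: 1.0\r\n"
               b"Content-Type: multipart/mixed; boundary=\"" + BOUNDARY + b"\"\r\n"
               b"\r\n")
    return headers + body


def scope_report(raw: bytes) -> list:
    """Return (what, status) pairs the way a careful user agent would present
    them: headers are always UNSIGNED; a body part immediately followed by a
    signature part is SIGNED and either verifies or fails; every other part is
    UNSIGNED even though it sits in the same message."""
    msg = parse(raw)
    report = [("headers (Subject: %s)" % msg["Subject"], "UNSIGNED")]
    parts = list(msg.iter_parts())
    i = 0
    while i < len(parts):
        part = parts[i]
        nxt = parts[i + 1] if i + 1 < len(parts) else None
        if nxt is not None and nxt.get_content_type() == SIG_TYPE:
            expected = nxt.get_payload(decode=True).strip()
            actual = hmac.new(KEY, canonical(part), hashlib.sha256).hexdigest().encode()
            ok = hmac.compare_digest(expected, actual)
            status = "SIGNED, verified" if ok else "SIGNED, verification FAILED"
            report.append((part.get_content_type(), status))
            i += 2          # the signature part itself is consumed here
        else:
            report.append((part.get_content_type(), "UNSIGNED"))
            i += 1
    return report


if __name__ == "__main__":
    base = build_message(SIGNED_PART)
    # Rewriting a header leaves the signed part intact; rewriting the part does not.
    forged = base.replace(b"Subject: MIME-PEM scope demo", b"Subject: Forged by a relay")
    altered = base.replace(b"heart's content", b"heart's content (altered)")
    in_series = build_message(SIGNED_PART, [b"Content-Type: text/plain\r\n\r\nP.S. never signed"])
    for label, raw in [("original", base), ("header changed", forged),
                       ("body changed", altered), ("extra part", in_series)]:
        print(label, scope_report(raw))
```

The canonical form is computed by re-serialising the parsed part on both the signing and the verifying side, so the check does not depend on byte-for-byte transport fidelity, only on the part's headers and body surviving. Note what the report never does: it does not mark the message as a whole "signed". Each line names the part and its status, which is the user-agent behaviour the post argues for.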