I don't think David Crocker's proposal was to accept MIME-PEM as is. That
certainly wasn't what I meant. I agree that encryption still requires
conversion to canonical form. There is also debate going on regarding the
impact of the key selector field on existing implementations. I assume the
proposal was to take the current MIME-PEM draft as a starting point and
identify it's deficiencies.
Phil Smiley
-------------
Original Text
From SMonnier @ SMTP (Stefan Monnier)
{monnier(_at_)didec26(_dot_)epfl(_dot_)ch}, on 12/16/94
10:18 AM:
To: PLS @ DSKPO27B
Cc: pem-dev @ SMTP (pem-dev) {pem-dev(_at_)tis(_dot_)com}, dcrocker @ SMTP
(dcrocker)
{dcrocker(_at_)mordor(_dot_)stanford(_dot_)edu}
This sounds good to me. This could leverage off the MIM-PEM analysis
already being done. Other opinions?
Not quite another opinion, but I just think that the MIME-PEM document
should be changed in two ways:
- as Kazuhiko noticed, encryption also requires conversion to
canonical form
- get rid of the useless "protocol" parameter, or explain to me what good
that parameter will do you, for example, in this case:
Content-type: multipart/signed; protocol=multipart/sig-alternative;
micalg="rsa-md5";
boundary=signed
--signed
content-type: plain/text
salut !
--signed
content-type: multipart/sig-alternative; someparams...;
boundary=sigalt
--sigalt
content-type: application/pem-signature
a sig
--sigalt
content-type: application/pem-signature
another sig
--sigalt--
--signed--
Any objection ?
Stefan