Date: Wed, 26 Apr 95 10:27:17 -0400
From: Steve Kent <kent(_at_)bbn(_dot_)com>
. . .
The document entitiedl "Security Multiparts for MIME: Multipart/Signed
and Multipart/Encrypted" (draft-ietf-pem-sigenc-03.txt) has been
available for review for an even longer interval and thus I also am
issuing a last call for comments on this document as well.
Is the `multiparts' in the title an a priori goal?
Nope. We looked at all sorts of schemes, including the variation you appear to
be using. And we found that it is simply the best way to do it.
In reading through the document, I didn't notice any mention of the
reasoning behind forcing the signature on a 7bit ascii message into
the body. This seems like a case where multiple parts are unnecessary.
There are several reasons for using a separate part. For one thing, having
different mechanisms depending on message structure complicates matters rather
than simplifying them. But to my mind the biggest issue is the ability to
process in a single pass. You cannot do this if you use a header. You can
if you use a separate part.
Why not simply define the signature as a header field? Unless you are
encrypting a message or sending 8bit data, historical precedent would
seem to indicate that the signature should be in the header with the
rest of the message annotations.
See above.
Ned