-- [ From: Blake C. Ramsdell * EMC.Ver #3.0.01 ] --
Date: Monday, 18-Sep-95 05:50 PM
From: Steve Dusse \ Internet: (spock(_at_)rsa(_dot_)com)
To: Dave Crocker \ Internet:
(dcrocker(_at_)brandenburg(_dot_)com)
cc: pem-dev(_at_)TIS(_dot_)COM \ Internet:
(pem-dev(_at_)tis(_dot_)com)
Subject: Re[3]: MOSS question
Is there a proscribed behaviour for handling a new multipart construct ?
Yes. It's supposed to be handled the same as multipart/mixed.
Hence an non-security aware implementation should still have useful
access
to the cleartext portion. Folks should note that this same access is NOT
possible with non-s/mime aware implementations.
I disagree. (Maybe I'm missing something.) Please explain.
I also disagree -- it seems that any application that recognizes
multipart/alternative should be quite compatible with signed S/MIME messages
(the first part of the multipart contains text/plain [or whatever] which
everyone recognizes, and the second part contains application/pkcs7-mime
which people may not recognize, and which they will ignore).
I understand that what you're probably referring to is the single-part
application/pkcs7-mime type that does not use multipart/alternative, but I
figured I'd clarify the point -- especially since we are in the middle of a
discussion about the relative strengths and weaknesses of S/MIME versus MOSS
.
In contrast to the MOSS standard of multipart/signed, it seems that existing
MIME mail agents are *less* likely to choke on the multipart/alternative
S/MIME messages, since current MIME agents will not recognize the
multipart/signed and may not interpret them according to the specified
fallback rule of multipart/mixed. I think this is the point that Steve was
making originally. This behavior seems to be supported by other
contributions to the list in response to Steve's original question about
handling unknown multipart constructs.
Blake
--
Blake C. Ramsdell
Project Lead
ConnectSoft, Inc.
http://www.connectsoft.com