Re: MDN Signed Body Part
Chuck:
What you describe below is exactly what I walked away with as well.
Mats J.
At 11:05 AM 1/6/97 -0800, Chuck Shih wrote:
>Karen,
>
>At the last IETF wg in San Jose this topic was debated and it was my
>recollection that the following was decided: (If anyone has a different
>recollection please post on the discussion group.)
>
>1). The IETF will not preclude the use of non Internet standards
> in its specifications, but it is preferred that if an Internet
> standard exists, then it should be used. The primary reason
> given for this:
>
> a). Changes to Internet standards are made in a public forum
> and can be debated before revisions are made. This is not
> always the case with proprietary standards.
>
> 2). Since the S/MIME standards allow the use of both the signed-data
> format as well as the Internet defined multipart/signed, the
> multipart/signed should be used since it satisfies the first
> criterion above as well as the S/MIME specifications.
>
>The signed-receipt has always been specified as being in multi-part
>signed format. An option to support a receipt enveloped in S/MIME format
>can be supported, if the members of the list think this is important.
>Other than your comments on supporting this option, nothing has been
>posted by others stating that this support is desirable.
>
>
>Karen Rosenthal wrote:
>>
>> Two questions then. What is the rationale for not supporting a receipt
>> enveloped in S/MIME? We would like this option. Second, what is the
>> working group's stance on supporting multipart/signed vs. S/MIME for
>> data.
>>
>> Regards,
>> Karen
>>
>> Chuck Shih wrote:
>> >
>> > Rik,
>> >
>> > Just wanted to clarify:
>> >
>> > On sending the AS#1 will change to use the multipart/signed version
>> > of S/MIME instead of the signed-data version of S/MIME. This is as
>> > a result of the IETF wg in San Jose.
>> >
>> > The signed receipt has always been specified as using multipart/signed.
>> >
>> > Rik Drummond wrote:
>> > >
>> > > Carl Hage wrote:
>> > > >
>> > > > Karen Rosenthal (karenr@xxxxxxxxxxxx) wrote:
>> > > > : In draft-ietf-ediint-as1-02.txt, the Content-Type of the second body
>> > > > : part is specified as application/x-pkcs7-mime. Is this correct, or
>> > > > : should application/x-pkcs7-signature be used? The 2/23/96 S/MIME
>> > > > : Message Specification defines application/x-pkcs7-signature as the PKCS
>> > > > : #7 detached signature.
>> > > >
>> > > > This is an error in draft-ietf-ediint-as1-02.txt.
>> > > >
>> > > > There are two ways to sign data, either the embedded text form, where
>> > > > there is a single MIME type of application/x-pkcs7-mime, or the
>> > > > MIME multipart/signed, where the signature is separate from the
>> > > > text. In this case, the application/x-pkcs7-signature is the proper
>> > > > type.
>> > > >
>> > > > The first method has the original message encoded in binary form and
>> > > > requires PKCS software to decode. The second method works the same as
>> > > > the PGP/MIME except the PKCS7 signature algorithm is used instead
>> > > > of the PGP algorithm. Also, the original message is not encoded, and
>> > > > can be read separately from the authentication.
>> > > >
>> > > > In my opinion, the second form should be used, but apparently, the RSA
>> > > > toolkit doesn't make this easy. (???)
>> > > >
>> > > After the IETF meeting last month we will be doing the
>> > > application/x-pkcs7-mime as the standard because it fits the Internet
>> > > philosophy better than the other. As to the Commercenet test we are
>> > > conducting on these standards, we will be using the other for the next
>> > > several months because of how hard it is to do application/x-pkcs7-mime
>> > > with the Smime toolkits.... later, rik
>>
>> --
>> Name: Karen Rosenthal
>> E-mail: karenr@xxxxxxxxxxxx
>> Phone: (510)688-2928
>> Fax: (510)602-2133
>
>
_____________________________________________________________
Mats Jansson, LiNK mjansson@xxxxxxxxxxx
2317 Broadway, Suite 330
Redwood City, CA 94063 v: +1-415-780-9039
http://www.agathon.com f: +1-415-780-9069
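
The two signing forms discussed in this thread, as an added example that is not part of the original messages or of any EDIINT implementation: a Python check that tells the multipart/signed form from the application/x-pkcs7-mime form and flags a second body part whose type is not application/x-pkcs7-signature. The sample messages, the boundary, the file names and the function name classify are constructed for illustration, and the base64 bodies are placeholders rather than real PKCS #7 data.

```python
from email import message_from_string

# Constructed samples; the base64 body decodes to the word PLACEHOLDER.
DETACHED = """\
MIME-Version: 1.0
Content-Type: multipart/signed; protocol="application/x-pkcs7-signature";
 micalg=sha1; boundary="b1"

--b1
Content-Type: text/plain

Receipt: message processed.
--b1
Content-Type: application/x-pkcs7-signature; name="smime.p7s"
Content-Transfer-Encoding: base64

UExBQ0VIT0xERVI=
--b1--
"""

OPAQUE = """\
MIME-Version: 1.0
Content-Type: application/x-pkcs7-mime; name="smime.p7m"
Content-Transfer-Encoding: base64

UExBQ0VIT0xERVI=
"""

def classify(raw):
    """Return (form, readable_text_or_None, problems) for one message."""
    msg = message_from_string(raw)
    ctype = msg.get_content_type()
    if ctype == "application/x-pkcs7-mime":
        # Content sits inside the PKCS #7 object: not readable without PKCS software.
        return "signed-data", None, []
    if ctype != "multipart/signed" or not msg.is_multipart():
        return "other", None, []
    parts = msg.get_payload()
    if len(parts) != 2:
        return "multipart/signed", None, ["expected exactly two body parts"]
    content, sig = parts
    problems = []
    if sig.get_content_type() != "application/x-pkcs7-signature":
        problems.append("second part is " + sig.get_content_type())
    if msg.get_param("protocol") != sig.get_content_type():
        problems.append("protocol parameter does not match second part")
    # The first part is ordinary MIME and can be read apart from the signature.
    text = content.get_payload() if content.get_content_maintype() == "text" else None
    return "multipart/signed", text, problems
```

This only inspects MIME structure; it does not verify the signature itself.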