Non-repudiation for Message Disposition Notifications

[Karen Rosenthal <karenr@xxxxxxxxxxxx>]

Greetings,

I am checking on the status of draft-ieft-receipt-mdn-01.txt, the
Internet Draft for An Extensible Message Format for Message Disposition
Notifications, which is due to expire on November 18th.

This draft does not provide a mechanism for Non-Repudiation.  It is my
understanding that a group is currently working on a proposal to provide
for NRRs.  In looking through CommerceNet's interoperability test
scripts, it appears that an addition has been made to the MDN's 2nd body
part, which would be headed: 

	MAC_Info:

and then contain the message digest type used (i.e. MD5), and then the
base 64 encoded (signed?) MD5 of the original message.

This is my understanding of what has been proposed to-date.  I am only
assuming that the MD5 would be signed as it made the most sense,
although the only thing I've read on what was to be signed, was
CommerceNet's test script # 12, stating that "An MDN should be returned
within a signed bodypart", which was ambiguous to me.  Any clarification
/ corrections to my understanding would be greatly appreciated, as would
any information on when an RFC, or updated draft can be expected.

I'm also curious as to the expected use of the 3rd, optional bodypart.

Much thanks,
-- 
Name:	Karen Rosenthal
E-mail:	karenr@premenos.com
Phone:	(510)688-2928
Fax:	(510)602-2133