All, I have recently run into a problem with signed emails not being able to be verified, because of the presence of the word "From" in the first columns of a line of the email message. This email will serve as an example of this potential problem. If your email client sees this message as signed but the signature is invalid, the next paragraph should start with the word "From"--see if it has been modified. >From appearing as the first characters after a blank line will result in some email delivery agents (such as sendmail or exim) escaping the word--"From" is replaced with ">From". The reason for this behavior has to do with the UNIX mbox mail storage file format. The mbox format stores multiple messages in one file, and the messages are separated by the word "From" as the first characters following a blank line. Some mail delivery agents do not have this problem (i.e. Exchange), because they do not store messages in the mbox format. Many do, however, resulting in a modification of the message and the signature being invalidated. I would like to request that this issue be more directly dealt with in son-of-RFC2633. (Currently, it is mentioned in the example MIME-encoded message, but nowhere in the text.) One recommendation might be to borrow from RFC2015 (MIME Security with PGP), which states: Though not required, it is generally a good idea to use Quoted- Printable encoding in the first step (writing out the data to be signed in MIME canonical format) if any of the lines in the data begin with "From ", and encode the "F". This will avoid an MTA inserting a ">" in front of the line, thus invalidating the signature! Perhaps this might even be a SHOULD, although I will ask the group to weigh in on that. Thanks, --Peter
Attachment:
smime.p7s
Description: S/MIME cryptographic signature