Re: The subject line leakage problem

[Paul Hoffman / IMC <phoffman@xxxxxxx>]

At 10:34 AM -0800 12/17/01, Hallam-Baker, Phillip wrote:
> 	One of the ongoing problems with people using PGP

Or S/MIME, which is the topic of this mailing list :-)

>  is that people put
> confidential information in the mail subject lines, eg:
>
> Subject: Proposed purchase of Excite@Home
> Subject: Your STD test results
> Subject: Planned head count reduction
>
> 	etc.
>
> So over the years there have been plenty of fixes involving CMS encrypted
> attributes etc. which gets into the rat hole of what other headers to add
> in.

Just to be clear: you are talking about leaking headers in 
*encrypted* messages, not signed messages, I assume.

> So instead of that how about the following fix:
>
> 1) A Best Current Practice Draft that says
> 2) Clients SHOULD offer users the option of replacing the subject line on
> confidential messages and carrying the subject as the first line in the body
> of the message.

A few thoughts:

1) That only covers the subject; you might want to cover other 
headers that have valuable information.

2) That prevents the headers from being automatically processed.

Instead, how about encouraging the use of multipart/mixed which 
starts with text/rfc822-headers. Any headers in that first part are 
to replace the same headers on display only.

--Paul Hoffman, Director
--Internet Mail Consortium