Re: AW: Content Type for XML Objects
On Wed, Apr 09, 2008 at 06:31:03PM +1200, Peter Gutmann wrote:
> The nice thing about S/MIME and PGP is that what's signed is "this string of
> bits, exactly as is", without any need to perform impossible manipulations on
> it first like XMLdsig requires.

One way to avoid this temptation is to just leave it as "throw a MIME
Content-Type at the beginning of it with application/(something)+xml, mark it
id-data and call it S/MIME". The overhead does not seem significant (just the
additional header), and I don't know the utility of being able to identify it
as XML at the outer CMS wrapper.

It also, of course, neatly sidesteps any issues relating to "the C word" since
it is already steeped in current practice to just leave the poor guy's bits
alone, as Peter points out.

Blake
--
Blake Ramsdell | Sendmail, Inc. | http://www.sendmail.com
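
Added example, not part of the original message or of any S/MIME implementation: a standard-library sketch of the wrapping described above, showing that the digest a CMS signer would cover is taken over the MIME entity's exact bytes, so re-serialized but equivalent XML no longer matches. The `example+xml` subtype and the sample documents are constructed placeholders; the CMS SignedData step itself is left out.

```python
import hashlib
import hmac
from email import message_from_bytes
from email.message import EmailMessage
from email.policy import SMTP

# Assumption: the post only says application/(something)+xml; this subtype is a placeholder.
SUBTYPE = "example+xml"


def wrap_xml(xml_bytes: bytes) -> bytes:
    """Build the MIME entity that would be carried as id-data eContent."""
    msg = EmailMessage(policy=SMTP)  # SMTP policy serializes with CRLF line endings
    # base64 keeps the XML octets intact through any transport.
    msg.set_content(xml_bytes, maintype="application", subtype=SUBTYPE, cte="base64")
    return msg.as_bytes()


def content_digest(entity: bytes) -> bytes:
    """SHA-256 over the entity exactly as serialized; no XML parsing or c14n."""
    return hashlib.sha256(entity).digest()


def unwrap_if_intact(entity: bytes, expected_digest: bytes) -> bytes:
    """Check the digest over the raw bytes first, then hand back the XML octets."""
    if not hmac.compare_digest(content_digest(entity), expected_digest):
        raise ValueError("entity bytes differ from what was digested")
    return message_from_bytes(entity, policy=SMTP).get_content()


# Constructed sample documents: same XML infoset, different serialization.
DOC_A = b'<order id="7" currency="EUR"><total>10.00</total></order>'
DOC_B = b'<order currency="EUR" id="7"><total>10.00</total></order>'

if __name__ == "__main__":
    entity = wrap_xml(DOC_A)
    digest = content_digest(entity)
    print(entity.decode("ascii"))
    print("round trip exact:", unwrap_if_intact(entity, digest) == DOC_A)
    print("reserialized XML matches:", content_digest(wrap_xml(DOC_B)) == digest)
```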