From: Chris Newman (Chris.Newman@innosoft.com)
Date: Mon Jul 27 1998 - 12:01:29 CDT
On Sun, 26 Jul 1998, Graham Klyne wrote:
> At 07:54 23/07/98 -0700, Chris Newman wrote:
> >[...] I'll mention that security
> >multiparts effectively requires that any micalg compute the hash over the
> >majority of the MIME headers first.
> Either I misunderstand multipart/signed, or I misunderstand you -- can you
> clarify please?
Multipart/signed has a parameter for the "micalg", or "Message Integrity
Check Algorithm". This describes the algorithm and rules for computing
the hash which is actually signed. For obvious reasons, this algorithm
needs to include the critical MIME headers of the part being signed first.