On Feb 28, 10:11am, Edward A. Russell wrote:
> I agree. Regardless of where the document or files happen to reside
> OR regardless of HOW I happened to have gotten them!!! That is why I
> have a problem with the current PGP/MIME spec which embeds MIME
> objects inside of PGP objects.
Because some users want to sign *entire* messages, including some
or all of the originating headers, or because a MIME message can
include as one of its supbarts another MIME message (in part or in
whole) and that might be or need to be signed and/or encrypted
differently from the enveloping MIME message, it is fundamentally
impossible to completely avoid doing recursion of MIME objects within
secure objects.
Your user agents must be capable of either directly dealing with
the recursion and both the MIME and security aspects, or be capable of
passing the information back and forth between the MIME-aware agent
and the security-aware agent, so that you can recurse that tree.
Otherwise you have to stop using MIME for everything in the
Universe, and tie it specifically to mail messages and therefore
require only message-oriented security, or you have to stop using it
for mail and invent something else and then give MIME only
object-oriented security.
I don't think anyone here really wants this option.
This fact was hashed over multiple times at the workshop. As far
as I'm concerned, it is a dead issue, and we should stop flagellating
this deceased equine. OTOH, if we can't figure out how to handle both
message-oriented and object-oriented security, then maybe it really is
time to split the functions and work on separate tracks.
--
Brad Knowles MIME/PGP: BKnowles@aol.net
Mail Systems Administrator <http:www.his.com/~brad/>
for America Online, Inc. Ph: (703) 453-4148