[imp] pgp multipart/signed

Ilya mail@krel.org
Wed, 17 Apr 2002 22:08:22 -0400

Previous message: [imp] imp 3.0 - maintenance screen foreign (non-english) language problem
Next message: [imp] pgp multipart/signed
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Chuck, I noticed that you committed updates to pgp, and it now includes
Content-Type: multipart/signed; 
but according to this RFC http://www.nacs.uci.edu/indiv/ehood/MIME/rfc2015.txt
5.  PGP signed data

   PGP signed messages are denoted by the "multipart/signed" content
   type, described in [1], with a "protocol" parameter which MUST have a
   value of "application/pgp-signature" (MUST be quoted).  The "micalg"



Elkins                      Standards Track                     [Page 3]

RFC 2015                 MIME Security with PGP             October 1996


   parameter MUST have a value of "pgp-<hash-symbol>", where <hash-
   symbol> identifies the message integrity check (MIC) used to generate
   the signature.  The currently defined values for <hash-symbol> are
   "md5" for the MD5 checksum, and "sha1" for the SHA.1 algorithm.

   The multipart/signed body MUST consist of exactly two parts.  The
   first part contains the signed data in MIME canonical format,
   including a set of appropriate content headers describing the data.

   The second body MUST contain the PGP digital signature.  It MUST be
   labeled with a content type of "application/pgp-signature".

I see that this RFC is pretty old, but I could not find anything that superceeds
it. Would it be reasonable to add the protocol and micalg ?

Or is it what Michael signed up for? ;)

Previous message: [imp] imp 3.0 - maintenance screen foreign (non-english) language problem
Next message: [imp] pgp multipart/signed
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]