[Mailman-Developers] MIME footers
Murray S. Kucherawy
superuser at gmail.com
Thu Mar 19 19:56:24 CET 2015
On Tue, Mar 10, 2015 at 6:51 PM, Stephen J. Turnbull <stephen at xemacs.org>
wrote:
> > It's certainly the case that this proposal only deals well with
> > footers. The specific algorithm is to construct a MIME tree and
> > sign parts of it; specifically, sign all of it, and then verify all
> > of what you get first.
>
> I think this is the wrong algorithm. I suspect that "the community"
> is going to be almost as leery of this proposal as they are of l=, and
> for similar reasons. Given that, I really think the right thing to do
> is to take the MIME structure seriously and sign part-by-part.
>
The difference between this idea and "l=" is that there's still a signature
covering the added part, that of the MLM. It has taken "some"
responsibility (where "some" means "an unspecified amount, but not zero")
for the added content. By contrast, "l=" leaves the appended bit unsigned.
This scheme does sign individual parts as well, and then does merged
signatures in each non-leaf node (corresponding to a "multipart/blah" node
in the tree). This makes it easy to figure out below which non-leaf
node(s) a change occurred. If you have two signatures in-hand (one author,
one mediator), it's fairly straightforward to isolate the change and then
figure out if you want to render/scan/remove/whatever it.
-MSK
More information about the Mailman-Developers
mailing list