meaningful and confidential subject lines in messages using pgp

[sen_ml@eccosys.com]

following up to my own post...

> here are some of my current thoughts about this idea:

>   -assuming this were implemented, where does the information about
>    which algorithm is used to encrypt the field value of
>    X-Encrypted-Subject go?  it could be part of the field value, but then
>    you'd have to define and parse the field value.  i hope you would agree
>    that deciding on a fixed algorithm for the purpose of protecting subject
>    contents is not desirable.

>  -if you want to sign the contents of the meaningful subject, where does
>   the signing information go and what is the signature algorithm and
>   format?  i think this is essentially the same problem mentioned above.

i should have also mentioned that i don't think it's a good idea to
use base64-encoded pgp messages as the value of something like
X-Encrypted-Subject.

i think this would make the implementation of the mail client more
complicated than it needs to be and it doesn't appear to gain you
anything -- it would also require separate pgp processing from the
message contents for both creating the message and sending it.

p.s. i don't think i've covered all the relevant points, but this is
what comes to mind at the moment ;-)