meaningful and confidential subject lines in messages using pgp
Mon, 14 Feb 2000 11:43:24 +0900

following up to my own post...

> here are some of my current thoughts about this idea:

> -assuming this were implemented, where does the information about
> which algorithm is used to encrypt the field value of
> X-Encrypted-Subject go? it could be part of the field value, but then
> you'd have to define and parse the field value. i hope you would agree
> that deciding on a fixed algorithm for the purpose of protecting subject
> contents is not desirable.

> -if you want to sign the contents of the meaningful subject, where does
> the signing information go and what is the signature algorithm and
> format? i think this is essentially the same problem mentioned above.
i should have also mentioned that i don't think it's a good idea to use base64-encoded pgp messages as the value of something like X-Encrypted-Subject. i think this would make the implementation of the mail client more complicated than it needs to be and it doesn't appear to gain you anything -- it would also require separate pgp processing from the message contents for both creating the message and sending it. p.s. i don't think i've covered all the relevant points, but this is what comes to mind at the moment ;-)