Adrian 'Dagurashibanipal' von Bidder
Tue Feb 4 10:23:01 2003
On Mon, 2003-02-03 at 22:14, Anthony E. Greene wrote:
> Adrian 'Dagurashibanipal' von Bidder <firstname.lastname@example.org> wrote:
> >I've been thinking along the same lines, and I would solve it like this:
> >Use PGP/MIME, and repeat email headers in the signed part of the
> In your example, the OpenPGP MIME message part headers are outside the
> signed data. If you want to do this, you should add a MIME message part
> that includes the appropriate email headers as signed and/or encrypted
Hmm. My reading of the rfc is that everything after the MIME boundary of
the first part of a multipart/signed message is protected by the
signature, which would make my example like this:
<<<<<<< first line of signed data
Protected-Headers: To, From, Subject
P-From: Alice Nice <email@example.com>
P-Subject: I love you
I really do.
>>>>>>> last line of signed data =20
The multipart/signed content type contains exactly two body parts.
The first body part is the body part over which the digital signature
was created, including its MIME headers.
Or did I misunderstand what you said?
get my gpg key here: http://fortytwo.ch/gpg/92082481
Content-Type: application/pgp-signature; name=signature.asc
Content-Description: This is a digitally signed message part
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
Comment: get my key from http://fortytwo.ch/gpg/92082481
-----END PGP SIGNATURE-----
Signature policy: http://fortytwo.ch/legal/gpg/email.20020822?version=1.3&md5sum=14ca616f14682a82cb9cc25c9b34a10d