Mime Type for Encrypted Attachments
Ingo Klöcker
ingo.kloecker@epost.de
Fri May 23 01:53:02 2003
--Boundary-02=_sWVz+XOi9SHKfMh
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
Content-Description: signed data
Content-Disposition: inline
On Thursday 22 May 2003 11:33, Werner Koch wrote:
> On Wed, 21 May 2003 22:03:22 +0200, Ingo Kl=F6cker said:
> >> application/pgp-encrypted
> >> application/pgp-signature
> >> application/pgp-keys
> >
> > Definitely not. Those content types are used for completely
> > different things.
>
> I don't see a problem using pgp-encrypted or pgp-keys as the top MIME
> type. The processing is not different to the RFC3156 case where they
> are encpasulated in multipart/encrypted. pgp-signature should only
> be used for a detached signature though.
Are you not confusing something? The encrypted and armored message is=20
not in the application/pgp-encrypted but in the=20
application/octet-stream message part. Typical message (the same as in=20
my first reply):
=3D=3D=3D=3D=3D
=2D-Boundary-02=3D_0guk++/xisah7Wk
Content-Type: application/pgp-encrypted
Content-Description: version code
Content-Disposition: attachment
Version: 1
=2D-Boundary-02=3D_0guk++/xisah7Wk
Content-Type: application/octet-stream
Content-Description: encrypted data
Content-Disposition: inline; filename=3D"msg.asc"
=2D----BEGIN PGP MESSAGE-----
Version: GnuPG v1.2.1 (GNU/Linux)
hQIOAzDP3ccyMZU4EAf/Q3tO7Iziro8/NUs+7Lqk76poiPY8fza5AOdL7kB4fkWJ
=2E..
=3D=3D=3D=3D=3D
And using pgp-keys is IMO also wrong because this will confuse MUAs=20
which provide an Import Key functionality for pgp-keys attachments and=20
it will confuse users who receive an attachment which claims to be an=20
armored OpenPGP key but is in fact an encrypted file. Only viruses lie=20
about the content-type.
The correct content-type is application/octet-stream with=20
Content-Description: encrypted data. But that's what I already wrote in=20
my first reply.
Regards,
Ingo
--Boundary-02=_sWVz+XOi9SHKfMh
Content-Type: application/pgp-signature
Content-Description: signature
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
iD8DBQA+zVWsGnR+RTDgudgRAgOMAJ0VM8fiwN6dlMht0sr26HVjHOvJ7QCeI0NR
s4khGfEC9L77g+zWpAhjwpE=
=QtG/
-----END PGP SIGNATURE-----
--Boundary-02=_sWVz+XOi9SHKfMh--