On Jul 17, 2014, at 1:51 AM, Benny Kjær Nielsen <[email protected]> wrote:
> If a standard for encrypting the subject-header (and maybe other headers) > existed then it should probably just require the headers to be moved into the > encrypted plain text body part of the message. Email clients supporting the > standard could then use these headers to replace placeholder headers (for > example, Subject: Encrypted) and email clients not supporting it would still > be showing the real headers as part of the body of the message (ok, then it's > a problem when displaying an HTML body part, but HTML is always a problem). I > don't think anything like this is very likely to ever become standardized > behavior, but I may be wrong. You would have to check the relevant PGP/MIME and S/MIME RFCs, but I believe that the standard technique is to take the entire contents of the message (all relevant headers included), put that into a text/rfc822 MIME bodypart and sign and/or encrypt it. Of course, that text/rfc822 MIME bodypart could be composed of multiple other MIME bodyparts. On the other end, you reverse the process and display only the signed/encrypted headers to the recipient. The unsigned/unencrypted headers should still be available, of course. If you display both unsigned/encrypted headers as well as the signed/encrypted ones, then you need to make sure that there is a visual distinction between the two. But I've seen a couple of guys on this list who know a lot more about RFCs than I do. I'll let them choose whether or not to step forward and identify themselves, and provide whatever advice they can. -- Brad Knowles <[email protected]> LinkedIn Profile: <http://tinyurl.com/y8kpxu>
signature.asc
Description: Message signed with OpenPGP using GPGMail
_______________________________________________ mailmate mailing list [email protected] http://lists.freron.com/listinfo/mailmate
