> From rdebry at us.ibm.com Thu Dec 19 06:16:42 1996
>> ... I
> am concerned about security though -- do we really want to build it into the
> mime-encoding?
You might want to look at RFC 1847: 'Security Multiparts for MIME:
Multipart/Signed and Multipart/Encrypted'. It may solve our problem
with authentication and security.
The brief summary is that there are two new subtypes of multipart:
signed and encrypted. An example from this rfc of a signed document is:
Content-Type: multipart/signed; protocol="TYPE/STYPE";
micalg="MICALG"; boundary="Signed Boundary"
--Signed Boundary
Content-Type: text/plain; charset="us-ascii"
This is some text to be signed although it could be
any type of data, labeled accordingly, of course.
--Signed Boundary
Content-Type: TYPE/STYPE
CONTROL INFORMATION for protocol "TYPE/STYPE" would be here
--Signed Boundary--
The signature part is always the second of two parts.