[Enigmail] MIME - PGP/MIME - S/MIME debacle... Re: Thunderbird PGP test
John Clizbe
John at Mozilla-Enigmail.org
Fri Feb 22 12:39:48 PST 2008
Barry Smith wrote:
> Argh!!!
Exactly the reaction provoked in me.
> First -- Email is really a specialized version of FTP for special text
> files.
This is the kitchen equivalent of saying a hand-mixer is just a blender or a
microwave is a toaster oven or a fork is a special-purpose spoon. It's
abstraction ad absurdum and wildly off-topic.
<snip - merciful snip>
> I hope that helps everyone in their understanding of the MIME,
> PGP/MIME, SMTP/MIME (S/MIME) debacle. It sure helped me to
> remember that I didn't write the RFCs, but I can comment. ;)
I'm not sure that there was a debacle, nor that there was some massive confusion
of terminology, at least, not by a major subset of the mailing list/newsgroup.
Though with SMTP, SMTPAUTH, and SMTP/TLS I can certainly understand how someone
unfamiliar with the different protocols could get confused.
SMTP is akin to "How a Post Office works, MIME is "How do I put something other
than a letter into an envelope for mailing so that it looks like a letter to the
Post Office."
There is no such thing as SMTP/MIME. S/MIME refers to
Secure / Multipurpose Internet Mail Extensions.
S/MIME and OpenPGP are two similar, but quite different and not compatible
systems. See http://www.imc.org/smime-pgpmime.html
(from the S/MIME inventors @ RSA) "S/MIME (Secure / Multipurpose Internet Mail
Extensions) is a protocol that adds digital signatures and encryption to
Internet MIME (Multipurpose Internet Mail Extensions) messages. MIME is the
official proposed standard format for extended Internet electronic mail.
Internet e-mail messages consist of two parts, the header and the body. The
header forms a collection of field/value pairs structured to provide information
essential for the transmission of the message. The structure of these headers
can be found in RFC 822 (and its successors). The body is normally unstructured
unless the e-mail is in MIME format. MIME defines how the body of an e-mail
message is structured. The MIME format permits e-mail to include enhanced text,
graphics, audio, and more in a standardized manner via MIME-compliant mail
systems. However, MIME itself does not provide any security services. The
purpose of S/MIME is to define such services, following the syntax given in PKCS
#7 for digital signatures and encryption. The MIME body section carries a PKCS
#7 message, which itself is the result of cryptographic processing on other MIME
body sections. S/MIME standardization has transitioned into IETF, and a set of
documents describing S/MIME version 3 have been published there."
S/MIME is PKCS #7
PGP/MIME (RFCs 2015 and 3156) define the MIME wrappers needed to use OpenPGP in
a MIME-formatted message. The actual OpenPGP sleight-of-hand being defined in
RFC 4880 (previously RFC 2440).
No slight or sleight intended. But can we /try/ to keep discussion on topic:
Enigmail and OpenPGP as implemented by GnuPG?
--
John P. Clizbe Inet: John (a) Mozilla-Enigmail.org
You can't spell fiasco without SCO. PGP/GPG KeyID: 0x608D2A10/0x18BB373A
"what's the key to success?" / "two words: good decisions."
"what's the key to good decisions?" / "one word: experience."
"how do i get experience?" / "two words: bad decisions."
"Just how do the residents of Haiku, Hawai'i hold conversations?"
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 658 bytes
Desc: OpenPGP digital signature
Url : http://www.mozdev.org/pipermail/enigmail/attachments/20080222/871a01d1/attachment.bin
More information about the Enigmail
mailing list