Re: [openpgp] Work items for openpgp relaunch: Content-type equivalent
Dominik Schuermann <dominik@dominikschuermann.de> Sun, 15 March 2015 20:13 UTC
Return-Path: <dominik@dominikschuermann.de>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 239C61A1B80 for <openpgp@ietfa.amsl.com>; Sun, 15 Mar 2015 13:13:00 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.2
X-Spam-Level:
X-Spam-Status: No, score=-4.2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Vdh4Rf63EnRo for <openpgp@ietfa.amsl.com>; Sun, 15 Mar 2015 13:12:58 -0700 (PDT)
Received: from mx2.mailbox.org (mx2.mailbox.org [80.241.60.215]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id AD0881A1B81 for <openpgp@ietf.org>; Sun, 15 Mar 2015 13:12:53 -0700 (PDT)
Received: from smtp1.mailbox.org (smtp1.mailbox.org [80.241.60.240]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx2.mailbox.org (Postfix) with ESMTPS id A5ED240276; Sun, 15 Mar 2015 21:12:51 +0100 (CET)
X-Virus-Scanned: amavisd-new at heinlein-support.de
Received: from smtp1.mailbox.org ([80.241.60.240]) by gerste.heinlein-support.de (gerste.heinlein-support.de [91.198.250.173]) (amavisd-new, port 10030) with ESMTP id 0JCEBR2NgiFg; Sun, 15 Mar 2015 21:12:50 +0100 (CET)
Message-ID: <5505E7BE.80100@dominikschuermann.de>
Date: Sun, 15 Mar 2015 21:12:46 +0100
From: Dominik Schuermann <dominik@dominikschuermann.de>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.5.0
MIME-Version: 1.0
To: Werner Koch <wk@gnupg.org>, Tim Bray <tbray@textuality.com>
References: <CAHBU6ivv5q3dEUM94UUwPJPSZEhsEuXTKiCTNA1cNdQKj_yAUA@mail.gmail.com> <87y4my9hcn.fsf@vigenere.g10code.de>
In-Reply-To: <87y4my9hcn.fsf@vigenere.g10code.de>
Content-Type: multipart/signed; micalg="pgp-sha1"; protocol="application/pgp-signature"; boundary="BPaARGVcHbsPhS3IMIbm8AMqlLiiDea0h"
Archived-At: <http://mailarchive.ietf.org/arch/msg/openpgp/xw69A_Aa5meUtyANdTOsHJKP4G8>
Cc: openpgp@ietf.org
Subject: Re: [openpgp] Work items for openpgp relaunch: Content-type equivalent
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 15 Mar 2015 20:13:00 -0000
Hi Werner, On 03/15/2015 08:43 PM, Werner Koch wrote: > On Sat, 14 Mar 2015 21:49, tbray@textuality.com said: > >> There’s one missing piece, the equivalent of HTTP Content-type. You can >> easily encrypt anything - a message, a picture, a video - and send it off > > What about using RFC-3156 PGP/MIME and set the Content-type? If setting the Content-type to something different than "application/octet-stream" would leak the Content-type to others or do you have a different usage in mind? There are related problems to this: - RFC 3156 only considers the usage of ASCII armored data, we also like to share encrypted binary files. - Currently we "share" a blob with Content-type "application/octet-stream", while we actually want something more concrete that identifies OpenPGP-encrypted blobs. We don't use "application/pgp-encrypted" as it is specified to only hold the version number. > > IIRC, a new flag 'm' for the Literal Data Packet was once suggest to > indicate the data has a MIME structure. That would allow to convey all > kind of meta information using a matured standard. The related draft is here: http://tools.ietf.org/html/draft-moscaritolo-openpgp-literal-01 I like this approach as it hides the MIME type in the encrypted header. Having this and a MIME type for OpenPGP-encrypted blobs would solve the problem for us, what about "application/pgp-encryption"? Maybe I am overseeing something, so any pointers are appreciated :) Regards Dominik
- [openpgp] Work items for openpgp relaunch: Conten… Tim Bray
- Re: [openpgp] Work items for openpgp relaunch: Co… Daniel Kahn Gillmor
- Re: [openpgp] Work items for openpgp relaunch: Co… Dominik Schuermann
- Re: [openpgp] Work items for openpgp relaunch: Co… Werner Koch