On Thu, Dec 20, 2001 at 05:59:00PM +0100, Robert van der Meulen wrote: > Hi, > > Quoting Lance Heller (lheller@ttsi-tul.com): > > X-Mailer: exmh version 2.5 07/13/2001 with version: MH 6.8.4 #1[UCI] > > To: debian-devel@lists.debian.org > > Subject: mobo recommendations for building a cheap X-Terminal > > Reply-To: lheller@ttsi-tul.com > > Cc: > Your mailer is broken. These headers shouldn't be part of the body. It is not, and they can be. From a security point of view, it can make sense to include headers in the signed or encrypted part of the mail, because * you can encrypt the subject line of an encrypted mail * you get protection against replay attacks; if a signed message is intercepted and then delivered to someone else, then that person will see a valid signature, but they may not realize that they were not the intended recipient. E.g. imagine someone signing a single-line mail saying "I agree to the terms of the contract we talked about"... These in-message headers should really, really be supported by RFC2015-compliant mailers! Cheers, Richard -- __ _ |_) /| Richard Atterer | CS student at the Technische | GnuPG key: | \/¯| http://atterer.net | Universität München, Germany | 0x888354F7 ¯ ´` ¯
Attachment:
pgpdhRiDPGf4h.pgp
Description: PGP signature