james-mime4j-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Markus Wiederkehr <markus.wiederk...@gmail.com>
Subject Re: Remaining open issues
Date Fri, 06 Feb 2009 22:48:33 GMT
On Fri, Feb 6, 2009 at 11:23 PM, Robert Burrell Donkin
<robertburrelldonkin@gmail.com> wrote:
> On Fri, Feb 6, 2009 at 9:27 PM, Markus Wiederkehr
> <markus.wiederkehr@gmail.com> wrote:
>> On Fri, Feb 6, 2009 at 10:08 PM, Robert Burrell Donkin
>> <robertburrelldonkin@gmail.com> wrote:
>>> On Thu, Feb 5, 2009 at 10:48 PM, Oleg Kalnichevski <olegk@apache.org> wrote:
>>>> Markus Wiederkehr wrote:
>>>>>
>>>>> On Tue, Feb 3, 2009 at 11:44 PM, Markus Wiederkehr
>>>>> <markus.wiederkehr@gmail.com> wrote:
>>>>>>
>>>>>> Here's a list of the remaining open issues:
>>>>>>
>>>>>> https://issues.apache.org/jira/browse/MIME4J-34
>>>>>>  not sure if this one has not already been resolved; please read
my
>>>>>> latest comment
>>>>>>
>>>>>> https://issues.apache.org/jira/browse/MIME4J-58
>>>>>> https://issues.apache.org/jira/browse/MIME4J-68
>>>>>> https://issues.apache.org/jira/browse/MIME4J-69
>>>>>>  target for 0.7?
>>>>>
>>>>> I have re-targeted these for 0.7..
>>>>>
>>>>> Markus
>>>>>
>>>>
>>>> As soon as there is some kind of a decision about MIME4J-34 I'll start
>>>> preparing the release packages.
>>>
>>> if you're happy with my resolution, then the issue can be closed
>>
>> +1
>>
>> I think you've made a good point with #112. I also believe that
>> perfect reproduction of a message would be a necessity if a Mime4j DOM
>> should ever be used for verifying an S/MIME signature..
>
> it's not as simple as that: SMIME (and OpenPGP/MIME) require
> canonicalisation and normalisation

I know.. we've already had this discussion to some extent.

One the one hand we have RFC2633 that is a bit vague when it comes to
the concrete canonicalization steps: "The exact details of
canonicalization depend on the actual MIME type and subtype of an
entity, and are not described here." But at least it describes basic
CRLF canonicalization.

On the other hand we have some real world MUAs that support S/MIME.. I
know for sure that Outlook does not even perform basic CRLF
canonicalization. Neither Outlook nor Thunderbird decode transfer
encodings before verifying (nor should they if I understand
correctly).

So in order to support explicit S/MIME signatures Mime4j must not
automatically decode transfer encodings the way it does now. This
process is never reversible, especially for quoted-printable.

CRLF canonicalization does not worry me because it can always be
applied with a simple filter stream..

> but i agree that this would be a very useful test of the API
>
>> Regarding 0.6 I think we can build a release candidate now..
>
> once the issue has been closed, +1

Has already been closed by Oleg.

Markus

>
> - robert

Mime
View raw message