> If one were to encode somehow an extension indication that "this content was > subjected to 8-to-7 downgrade" as a hint that a verifier should do the > reverse before verifying, the verifier would have to manage to undo the > downgrade in precisely, i.e. byte-for-byte, the same manner that the > downgrade was done for it to work. That's a pretty high requirement for > interoperability (i.e., it's pretty error-prone), so it requires a > specification and it would need to be consistent with the MIME RFCs.
Seems to me that if someone were that desperate to get a signed message through a downgraded path, they should wrap the whole thing in a base64 encoded message/rfc822 mime part and send it that way. This all strikes me as mostly hypothetical, and unlikely to affect more than a tiny sliver of mail. The EAI group, which has way more experience with character set issues and downgrades than we do, tried all sorts of downgrade experiments and decided that none of them were workable. The current nearly final draft says that if you want to send an EAI message, you better find a path to the recipient that can deliver it as is. Perhaps we should take the hint. Regards, John Levine, jo...@iecc.com, Primary Perpetrator of "The Internet for Dummies", Please consider the environment before reading this e-mail. http://jl.ly _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html