Hi, ok, so the clear text signature general form is something like:
------A3DB62BE42E8E4D7716813FA55957190 My Signed Text ------A3DB62BE42E8E4D7716813FA55957190 Content-Type: application/x-pkcs7-signature; name="smime.p7s" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="smime.p7s" MIIFlgYJKoZIhvcNAQcCoIIFhzCCBYMCAQExCzAJBgUrDgMCGgUAMAsGCSqGSIb3 ....... ------A3DB62BE42E8E4D7716813FA55957190-- And the opaque is the same thing but entirely encoded en B64 and attached to the email as attachment ? Is that correct ? Regards, Jan On Wed, Feb 11, 2009 at 4:42 PM, Dr. Stephen Henson <st...@openssl.org> wrote: > On Wed, Feb 11, 2009, Jan C. wrote: > >> Hello everybody, >> I would like to ask what is the difference, from the cryptographic >> point of view, between an opaque signature (-nodetach) and a clear >> text signature. >> > > No cryptographic difference at all: they are different ways of packaging the > same thing. > > In practical terms the cleartext multipart/mime version can sometimes be > corrupted by mail gateways whereas the embedded signature form is more > resistant. > > The embedded form in MIME messages is often base64 encoded which will increase > its size. > > Current versions of OpenSSL can only verify embedded signatures if the whole > content is in memory. Version 0.9.9 can generate embedded signatures on the > fly though. > > Steve. > -- > Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage > OpenSSL project core developer and freelance consultant. > Homepage: http://www.drh-consultancy.demon.co.uk > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List openssl-users@openssl.org > Automated List Manager majord...@openssl.org > ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org