Just "encoding" is not enough - it's *how exactly* the file is encoded.
Sent from my BlackBerry 10 smartphone on the Verizon Wireless 4G LTE network. Original Message From: Eliot Lear Sent: Friday, June 10, 2016 13:04 To: Blumenthal, Uri - 0553 - MITLL; Cullen Jennings; opsawg@ietf.org; net...@ietf.org Subject: Re: [OPSAWG] Comments on draft-lear-ietf-netmod-mud-02 Hi Uri, On 6/10/16 5:48 PM, Blumenthal, Uri - 0553 - MITLL wrote: > Canonicalization is the way to avoid file content being mangled or > represented differently by different (software) entities that try to create > or verify digital signature over it. It doesn't matter if your file is binary > or not. And CMS by itself won't save you either. This problem (ensuring > there is only one way to represent the contents of the file in question) is > what you need to show that you solved. I totally get it. From a MIME perspective it'll be something like application/mud+json, encoded in UTF-8, and transported accordingly (HTTPS is 8-bit clean). This is not going to be our problem. Eliot
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ OPSAWG mailing list OPSAWG@ietf.org https://www.ietf.org/mailman/listinfo/opsawg