draft-koenig-privicons-03.txt

My comments on "Privacy Preferences for E-Mail Messages"

> 1.  Introduction
> 
> 1.1.  Overview
   .
   .
   .
>    This document proposes a syntax (Section 2) and semantics (Section 3)
>    allowing a Sending User of an e-mail message to express his or her
>    preference for how the e-mail message content should be handled by
>    the Receiving Users.  For this purpose, semantics of sets of
>    different character combinations ("Privicons") are described.  These
>    can syntactically be integrated either in the first-line of the body,
>    in the subject line and/or in a dedicated header of any e-mail
>    message.  The Privicons icon set has six different icons.  They will
>    be machine-readable.

It would be more correct to use the term "header field" rather 
than "header" here and in the rest of the document.
   .
   .
   .

> 1.3.  Terminology and Conventions
   .
   .
   .
>    o  The terms "Sending User" and "Receiving User" are related to a

Privicons and redaction

In abuse reporting, an established albeit discouraged practice
consists of redacting reported messages.  In a nutshell, users may
have the ability to signal some received messages as being abusive.
Their mailbox providers should then wrap those messages according to
abuse reporting format (ARF, RFC 5965) and send them back to the
senders if they had subscribed to the relevant feedback loop.  See
http://en.wikipedia.org/wiki/Feedback_loop_%28email%29

Redaction conceals the recipient, rather than the sender.  In this
case, authors should markup the parts of the messages that contain
sensible data, in case the recipients report those messages as spam,
possibly inadvertently.  A document describing how to carry out
redaction is now in LC, so it can hardly mention privicons.  However,
privicons could consider this possible use.  The redaction doc is at
http://datatracker.ietf.org/doc/draft-ietf-marf-redaction/

For casual readers, privicons are defined here:
http://tools.ietf.org/html/draft-koenig-privicons

Do S/MIME and OpenPGP protect message headers?

Re: Do S/MIME and OpenPGP protect message headers?

On 12/28/2011 7:27 AM, Rolf E. Sonneveld wrote:
> Hi,
>
> just to check: S/MIME (http://tools.ietf.org/html/rfc5751) does not does
> include/cover the 5322.From and the 5322.To fields as part of the cryptographic
> payload. Protection of headers can be achieved by wrapping up a the complete
> message into a message/rfc822 bodypart and sign/encrypt that

However, of course, the contained message then ceases to be treated as a normal 
message by the receiving user agent.  It's just content.

Although not it's primary task, data integrity protection /is/ provided for 
listed header fields by DKIM.  (The signature lists the fields it covers. This 
typically does include From:, To:, and cc: and Subject.)

d/
--

-- 

   Dave Crocker
   Brandenburg InternetWorking
   bbiw.net