summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorChristian Mollekopf <mollekopf@kolabsys.com>2012-10-24 13:31:23 (GMT)
committerChristian Mollekopf <mollekopf@kolabsys.com>2012-10-24 13:31:23 (GMT)
commita28d7ce5f80ee1df54cc2ed191c11be7bd19b579 (patch)
tree2aacc68cd974bb80ef72cc369eebc3d421d28c7a
parent06ae0c14b0cc7a38a92ffdcb09b3f2ea5f3d5f51 (diff)
downloadkeps-a28d7ce5f80ee1df54cc2ed191c11be7bd19b579.tar.gz
Fixed the description and spec of the x-crypto "allowed" property.
-rw-r--r--KEP-0017.txt6
1 files changed, 2 insertions, 4 deletions
diff --git a/KEP-0017.txt b/KEP-0017.txt
index 0a15ad1..502761a 100644
--- a/KEP-0017.txt
+++ b/KEP-0017.txt
@@ -1355,14 +1355,14 @@ Implements:
===== Cryptographic Preferences =====
property-crypto = element x-crypto {
- element allowed { element text { "PGP/INLINE" | "PGP/MIME" | "S/MIME" | "S/MIMEOpaque" }* },
+ element allowed { element text { "PGP/INLINE" | "PGP/MIME" | "S/MIME" | "S/MIMEOpaque" }* } ?,
element signpref { element text { "Never" | "Always" | "IfPossible" | "Ask" } } ?,
element encryptpref { element text { "Never" | "Always" | "IfPossible" | "Ask" } } ?
}
''Specifies crypto related settings.''
-* "allowed": Specifies the allowed encryption/signing protocols for incoming content:
+* "allowed": Specifies the allowed encryption/signing protocols for sending mail to the contact. This setting '''SHOULD''' override the default settings of the mail composer. If none of the allowed protocols is available the signing/encrypting '''SHOULD''' fail. If not specified all protocols are allowed.
:* "PGP/INLINE": Allows inline-PGP for encrypted and signed content.
:* "PGP/MIME": Allows PGP/MIME for encrypted and signed content.
:* "S/MIME": Allows clear signed messages using S/MIME.
@@ -1386,8 +1386,6 @@ Uses:
* {{rfc|5751}}<ref name=rfc5751>{{rfc|5751}} Secure/Multipurpose Internet Mail Extensions (S/MIME) Version 3.2 Message Specification</ref> [https://tools.ietf.org/html/rfc5751]
{{note|Opaque signing|Opaque signing refers to the technique of embedding the text into the base64 encoded CMS (PKCS #7 based Cryptographic Message Syntax) object (content type: application/x-pkcs7-mime) of the signature, so it can only be read if the client supports S/MIME. Clear signing transmits the clear text and only appends the signature (content type: application/x-pkcs7-signature), which allows clients without S/MIME support to read the message.}}
-{{note|Needs clarification: Key storage|Im not sure yet how the key should be stored. Im also dont think the application/pkcs7-mime mimetype is correct for the key itself.}}
-{{note|Needs clarification: allowed|Is this correct that it is only for incoming content? (the allowed element is derived from the KAddressbook Crypto settings page)}}
{{note|x-crypto|This property is missing in the xCard standard and should be added to it (probably as crypto-pref).}}
{{note|identities|Ideally crypto settings would be per identity and not per contact.}}