RFC 1544 (rfc1544) - Page 2 of 3


The Content-MD5 Header Field



Alternative Format: Original Text Document



RFC 1544                Content-MD5 Header Field           November 1993


2.  Generation of the Content-MD5 Field

   The Content-MD5 field is generated by only an originating user agent.
   Message relays and gateways are expressly forbidden from generating a
   Content-MD5 field.

   Use of the Content-MD5 field is completely optional, but its use is
   recommended whenever data integrity is desired, but Privacy-Enhanced
   Mail services [3] are not available.  (Consult Section 4 for further
   details.) The Content-MD5 field may only be added to MIME entities of
   a `leaf' nature, i.e., the Content-MD5 field may be used with any
   content type other than multipart or message/rfc822.

   To generate the value of the Content-MD5 field, the MD5 algorithm is
   computed on the canonical form of the data.  In particular, this
   means that the sender applies the MD5 algorithm on the raw data,
   before applying any content-transfer-encoding, and that the receiver
   also applies the MD5 algorithm on the raw data, after undoing any
   content-transfer-encoding.  For textual data, the MD5 algorithm must
   be computed on data in which the canonical form for newlines applies,
   that is, in which each newline is represented by a CR-LF pair.

   The output of the MD5 algorithm is a 128 bit digest.  When viewed in
   network byte order (big-endian order), this yields a sequence of 16
   octets of binary data.  These 16 octets are then encoded according to
   the base64 algorithm in order to obtain the value that is placed in
   the Content-MD5 field.  Thus, if the application of the MD5 algorithm
   over the raw data of a MIME entity results in a digest having the
   (unlikely) value of "Check Integrity!", then that MIME entity's
   header could contain the field

               Content-MD5:  Q2hlY2sgSW50ZWdyaXR5IQ==

   Finally, as discussed in Appendix B of [1], textual data is regularly
   altered in the normal delivery of mail.  Because the addition or
   deletion of trailing white space will result in a different digest,
   either the quoted-printable or base64 algorithm should be employed as
   a content-transfer-encoding when the Content-MD5 field is used.

3.  Processing the Content-MD5 field

   If the Content-MD5 field is present, a recipient user agent may
   choose to use it to verify that the contents of a MIME entity have
   not been modified during transport.  Message relays and gateways are
   expressly forbidden to alter its processing based on the presence of
   the Content-MD5 field.  However, a message gateway is allowed to
   remove the Content-MD5 field if the corresponding MIME entity is
   translated into a different content-type.



Rose