rfc2046.txt 103KB

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788899091929394959697989910010110210310410510610710810911011111211311411511611711811912012112212312412512612712812913013113213313413513613713813914014114214314414514614714814915015115215315415515615715815916016116216316416516616716816917017117217317417517617717817918018118218318418518618718818919019119219319419519619719819920020120220320420520620720820921021121221321421521621721821922022122222322422522622722822923023123223323423523623723823924024124224324424524624724824925025125225325425525625725825926026126226326426526626726826927027127227327427527627727827928028128228328428528628728828929029129229329429529629729829930030130230330430530630730830931031131231331431531631731831932032132232332432532632732832933033133233333433533633733833934034134234334434534634734834935035135235335435535635735835936036136236336436536636736836937037137237337437537637737837938038138238338438538638738838939039139239339439539639739839940040140240340440540640740840941041141241341441541641741841942042142242342442542642742842943043143243343443543643743843944044144244344444544644744844945045145245345445545645745845946046146246346446546646746846947047147247347447547647747847948048148248348448548648748848949049149249349449549649749849950050150250350450550650750850951051151251351451551651751851952052152252352452552652752852953053153253353453553653753853954054154254354454554654754854955055155255355455555655755855956056156256356456556656756856957057157257357457557657757857958058158258358458558658758858959059159259359459559659759859960060160260360460560660760860961061161261361461561661761861962062162262362462562662762862963063163263363463563663763863964064164264364464564664764864965065165265365465565665765865966066166266366466566666766866967067167267367467567667767867968068168268368468568668768868969069169269369469569669769869970070170270370470570670770870971071171271371471571671771871972072172272372472572672772872973073173273373473573673773873974074174274374474574674774874975075175275375475575675775875976076176276376476576676776876977077177277377477577677777877978078178278378478578678778878979079179279379479579679779879980080180280380480580680780880981081181281381481581681781881982082182282382482582682782882983083183283383483583683783883984084184284384484584684784884985085185285385485585685785885986086186286386486586686786886987087187287387487587687787887988088188288388488588688788888989089189289389489589689789889990090190290390490590690790890991091191291391491591691791891992092192292392492592692792892993093193293393493593693793893994094194294394494594694794894995095195295395495595695795895996096196296396496596696796896997097197297397497597697797897998098198298398498598698798898999099199299399499599699799899910001001100210031004100510061007100810091010101110121013101410151016101710181019102010211022102310241025102610271028102910301031103210331034103510361037103810391040104110421043104410451046104710481049105010511052105310541055105610571058105910601061106210631064106510661067106810691070107110721073107410751076107710781079108010811082108310841085108610871088108910901091109210931094109510961097109810991100110111021103110411051106110711081109111011111112111311141115111611171118111911201121112211231124112511261127112811291130113111321133113411351136113711381139114011411142114311441145114611471148114911501151115211531154115511561157115811591160116111621163116411651166116711681169117011711172117311741175117611771178117911801181118211831184118511861187118811891190119111921193119411951196119711981199120012011202120312041205120612071208120912101211121212131214121512161217121812191220122112221223122412251226122712281229123012311232123312341235123612371238123912401241124212431244124512461247124812491250125112521253125412551256125712581259126012611262126312641265126612671268126912701271127212731274127512761277127812791280128112821283128412851286128712881289129012911292129312941295129612971298129913001301130213031304130513061307130813091310131113121313131413151316131713181319132013211322132313241325132613271328132913301331133213331334133513361337133813391340134113421343134413451346134713481349135013511352135313541355135613571358135913601361136213631364136513661367136813691370137113721373137413751376137713781379138013811382138313841385138613871388138913901391139213931394139513961397139813991400140114021403140414051406140714081409141014111412141314141415141614171418141914201421142214231424142514261427142814291430143114321433143414351436143714381439144014411442144314441445144614471448144914501451145214531454145514561457145814591460146114621463146414651466146714681469147014711472147314741475147614771478147914801481148214831484148514861487148814891490149114921493149414951496149714981499150015011502150315041505150615071508150915101511151215131514151515161517151815191520152115221523152415251526152715281529153015311532153315341535153615371538153915401541154215431544154515461547154815491550155115521553155415551556155715581559156015611562156315641565156615671568156915701571157215731574157515761577157815791580158115821583158415851586158715881589159015911592159315941595159615971598159916001601160216031604160516061607160816091610161116121613161416151616161716181619162016211622162316241625162616271628162916301631163216331634163516361637163816391640164116421643164416451646164716481649165016511652165316541655165616571658165916601661166216631664166516661667166816691670167116721673167416751676167716781679168016811682168316841685168616871688168916901691169216931694169516961697169816991700170117021703170417051706170717081709171017111712171317141715171617171718171917201721172217231724172517261727172817291730173117321733173417351736173717381739174017411742174317441745174617471748174917501751175217531754175517561757175817591760176117621763176417651766176717681769177017711772177317741775177617771778177917801781178217831784178517861787178817891790179117921793179417951796179717981799180018011802180318041805180618071808180918101811181218131814181518161817181818191820182118221823182418251826182718281829183018311832183318341835183618371838183918401841184218431844184518461847184818491850185118521853185418551856185718581859186018611862186318641865186618671868186918701871187218731874187518761877187818791880188118821883188418851886188718881889189018911892189318941895189618971898189919001901190219031904190519061907190819091910191119121913191419151916191719181919192019211922192319241925192619271928192919301931193219331934193519361937193819391940194119421943194419451946194719481949195019511952195319541955195619571958195919601961196219631964196519661967196819691970197119721973197419751976197719781979198019811982198319841985198619871988198919901991199219931994199519961997199819992000200120022003200420052006200720082009201020112012201320142015201620172018201920202021202220232024202520262027202820292030203120322033203420352036203720382039204020412042204320442045204620472048204920502051205220532054205520562057205820592060206120622063206420652066206720682069207020712072207320742075207620772078207920802081208220832084208520862087208820892090209120922093209420952096209720982099210021012102210321042105210621072108210921102111211221132114211521162117211821192120212121222123212421252126212721282129213021312132213321342135213621372138213921402141214221432144214521462147214821492150215121522153215421552156215721582159216021612162216321642165216621672168216921702171217221732174217521762177217821792180218121822183218421852186218721882189219021912192219321942195219621972198219922002201220222032204220522062207220822092210221122122213221422152216221722182219222022212222222322242225222622272228222922302231223222332234223522362237223822392240224122422243224422452246224722482249225022512252225322542255225622572258225922602261226222632264226522662267226822692270227122722273227422752276227722782279228022812282228322842285228622872288228922902291229222932294229522962297229822992300230123022303230423052306230723082309231023112312231323142315231623172318231923202321232223232324232523262327232823292330233123322333233423352336233723382339234023412342234323442345234623472348234923502351235223532354235523562357235823592360236123622363236423652366236723682369237023712372237323742375237623772378237923802381238223832384238523862387238823892390239123922393239423952396239723982399240024012402240324042405240624072408240924102411241224132414241524162417241824192420242124222423242424252426242724282429243024312432243324342435243624372438243924402441244224432444244524462447244824492450245124522453245424552456245724582459246024612462246324642465246624672468
  1. Network Working Group N. Freed
  2. Request for Comments: 2046 Innosoft
  3. Obsoletes: 1521, 1522, 1590 N. Borenstein
  4. Category: Standards Track First Virtual
  5. November 1996
  6. Multipurpose Internet Mail Extensions
  7. (MIME) Part Two:
  8. Media Types
  9. Status of this Memo
  10. This document specifies an Internet standards track protocol for the
  11. Internet community, and requests discussion and suggestions for
  12. improvements. Please refer to the current edition of the "Internet
  13. Official Protocol Standards" (STD 1) for the standardization state
  14. and status of this protocol. Distribution of this memo is unlimited.
  15. Abstract
  16. STD 11, RFC 822 defines a message representation protocol specifying
  17. considerable detail about US-ASCII message headers, but which leaves
  18. the message content, or message body, as flat US-ASCII text. This
  19. set of documents, collectively called the Multipurpose Internet Mail
  20. Extensions, or MIME, redefines the format of messages to allow for
  21. (1) textual message bodies in character sets other than
  22. US-ASCII,
  23. (2) an extensible set of different formats for non-textual
  24. message bodies,
  25. (3) multi-part message bodies, and
  26. (4) textual header information in character sets other than
  27. US-ASCII.
  28. These documents are based on earlier work documented in RFC 934, STD
  29. 11, and RFC 1049, but extends and revises them. Because RFC 822 said
  30. so little about message bodies, these documents are largely
  31. orthogonal to (rather than a revision of) RFC 822.
  32. The initial document in this set, RFC 2045, specifies the various
  33. headers used to describe the structure of MIME messages. This second
  34. document defines the general structure of the MIME media typing
  35. system and defines an initial set of media types. The third document,
  36. RFC 2047, describes extensions to RFC 822 to allow non-US-ASCII text
  37. Freed & Borenstein Standards Track [Page 1]
  38. RFC 2046 Media Types November 1996
  39. data in Internet mail header fields. The fourth document, RFC 2048,
  40. specifies various IANA registration procedures for MIME-related
  41. facilities. The fifth and final document, RFC 2049, describes MIME
  42. conformance criteria as well as providing some illustrative examples
  43. of MIME message formats, acknowledgements, and the bibliography.
  44. These documents are revisions of RFCs 1521 and 1522, which themselves
  45. were revisions of RFCs 1341 and 1342. An appendix in RFC 2049
  46. describes differences and changes from previous versions.
  47. Table of Contents
  48. 1. Introduction ......................................... 3
  49. 2. Definition of a Top-Level Media Type ................. 4
  50. 3. Overview Of The Initial Top-Level Media Types ........ 4
  51. 4. Discrete Media Type Values ........................... 6
  52. 4.1 Text Media Type ..................................... 6
  53. 4.1.1 Representation of Line Breaks ..................... 7
  54. 4.1.2 Charset Parameter ................................. 7
  55. 4.1.3 Plain Subtype ..................................... 11
  56. 4.1.4 Unrecognized Subtypes ............................. 11
  57. 4.2 Image Media Type .................................... 11
  58. 4.3 Audio Media Type .................................... 11
  59. 4.4 Video Media Type .................................... 12
  60. 4.5 Application Media Type .............................. 12
  61. 4.5.1 Octet-Stream Subtype .............................. 13
  62. 4.5.2 PostScript Subtype ................................ 14
  63. 4.5.3 Other Application Subtypes ........................ 17
  64. 5. Composite Media Type Values .......................... 17
  65. 5.1 Multipart Media Type ................................ 17
  66. 5.1.1 Common Syntax ..................................... 19
  67. 5.1.2 Handling Nested Messages and Multiparts ........... 24
  68. 5.1.3 Mixed Subtype ..................................... 24
  69. 5.1.4 Alternative Subtype ............................... 24
  70. 5.1.5 Digest Subtype .................................... 26
  71. 5.1.6 Parallel Subtype .................................. 27
  72. 5.1.7 Other Multipart Subtypes .......................... 28
  73. 5.2 Message Media Type .................................. 28
  74. 5.2.1 RFC822 Subtype .................................... 28
  75. 5.2.2 Partial Subtype ................................... 29
  76. 5.2.2.1 Message Fragmentation and Reassembly ............ 30
  77. 5.2.2.2 Fragmentation and Reassembly Example ............ 31
  78. 5.2.3 External-Body Subtype ............................. 33
  79. 5.2.4 Other Message Subtypes ............................ 40
  80. 6. Experimental Media Type Values ....................... 40
  81. 7. Summary .............................................. 41
  82. 8. Security Considerations .............................. 41
  83. 9. Authors' Addresses ................................... 42
  84. Freed & Borenstein Standards Track [Page 2]
  85. RFC 2046 Media Types November 1996
  86. A. Collected Grammar .................................... 43
  87. 1. Introduction
  88. The first document in this set, RFC 2045, defines a number of header
  89. fields, including Content-Type. The Content-Type field is used to
  90. specify the nature of the data in the body of a MIME entity, by
  91. giving media type and subtype identifiers, and by providing auxiliary
  92. information that may be required for certain media types. After the
  93. type and subtype names, the remainder of the header field is simply a
  94. set of parameters, specified in an attribute/value notation. The
  95. ordering of parameters is not significant.
  96. In general, the top-level media type is used to declare the general
  97. type of data, while the subtype specifies a specific format for that
  98. type of data. Thus, a media type of "image/xyz" is enough to tell a
  99. user agent that the data is an image, even if the user agent has no
  100. knowledge of the specific image format "xyz". Such information can
  101. be used, for example, to decide whether or not to show a user the raw
  102. data from an unrecognized subtype -- such an action might be
  103. reasonable for unrecognized subtypes of "text", but not for
  104. unrecognized subtypes of "image" or "audio". For this reason,
  105. registered subtypes of "text", "image", "audio", and "video" should
  106. not contain embedded information that is really of a different type.
  107. Such compound formats should be represented using the "multipart" or
  108. "application" types.
  109. Parameters are modifiers of the media subtype, and as such do not
  110. fundamentally affect the nature of the content. The set of
  111. meaningful parameters depends on the media type and subtype. Most
  112. parameters are associated with a single specific subtype. However, a
  113. given top-level media type may define parameters which are applicable
  114. to any subtype of that type. Parameters may be required by their
  115. defining media type or subtype or they may be optional. MIME
  116. implementations must also ignore any parameters whose names they do
  117. not recognize.
  118. MIME's Content-Type header field and media type mechanism has been
  119. carefully designed to be extensible, and it is expected that the set
  120. of media type/subtype pairs and their associated parameters will grow
  121. significantly over time. Several other MIME facilities, such as
  122. transfer encodings and "message/external-body" access types, are
  123. likely to have new values defined over time. In order to ensure that
  124. the set of such values is developed in an orderly, well-specified,
  125. and public manner, MIME sets up a registration process which uses the
  126. Internet Assigned Numbers Authority (IANA) as a central registry for
  127. MIME's various areas of extensibility. The registration process for
  128. these areas is described in a companion document, RFC 2048.
  129. Freed & Borenstein Standards Track [Page 3]
  130. RFC 2046 Media Types November 1996
  131. The initial seven standard top-level media type are defined and
  132. described in the remainder of this document.
  133. 2. Definition of a Top-Level Media Type
  134. The definition of a top-level media type consists of:
  135. (1) a name and a description of the type, including
  136. criteria for whether a particular type would qualify
  137. under that type,
  138. (2) the names and definitions of parameters, if any, which
  139. are defined for all subtypes of that type (including
  140. whether such parameters are required or optional),
  141. (3) how a user agent and/or gateway should handle unknown
  142. subtypes of this type,
  143. (4) general considerations on gatewaying entities of this
  144. top-level type, if any, and
  145. (5) any restrictions on content-transfer-encodings for
  146. entities of this top-level type.
  147. 3. Overview Of The Initial Top-Level Media Types
  148. The five discrete top-level media types are:
  149. (1) text -- textual information. The subtype "plain" in
  150. particular indicates plain text containing no
  151. formatting commands or directives of any sort. Plain
  152. text is intended to be displayed "as-is". No special
  153. software is required to get the full meaning of the
  154. text, aside from support for the indicated character
  155. set. Other subtypes are to be used for enriched text in
  156. forms where application software may enhance the
  157. appearance of the text, but such software must not be
  158. required in order to get the general idea of the
  159. content. Possible subtypes of "text" thus include any
  160. word processor format that can be read without
  161. resorting to software that understands the format. In
  162. particular, formats that employ embeddded binary
  163. formatting information are not considered directly
  164. readable. A very simple and portable subtype,
  165. "richtext", was defined in RFC 1341, with a further
  166. revision in RFC 1896 under the name "enriched".
  167. Freed & Borenstein Standards Track [Page 4]
  168. RFC 2046 Media Types November 1996
  169. (2) image -- image data. "Image" requires a display device
  170. (such as a graphical display, a graphics printer, or a
  171. FAX machine) to view the information. An initial
  172. subtype is defined for the widely-used image format
  173. JPEG. . subtypes are defined for two widely-used image
  174. formats, jpeg and gif.
  175. (3) audio -- audio data. "Audio" requires an audio output
  176. device (such as a speaker or a telephone) to "display"
  177. the contents. An initial subtype "basic" is defined in
  178. this document.
  179. (4) video -- video data. "Video" requires the capability
  180. to display moving images, typically including
  181. specialized hardware and software. An initial subtype
  182. "mpeg" is defined in this document.
  183. (5) application -- some other kind of data, typically
  184. either uninterpreted binary data or information to be
  185. processed by an application. The subtype "octet-
  186. stream" is to be used in the case of uninterpreted
  187. binary data, in which case the simplest recommended
  188. action is to offer to write the information into a file
  189. for the user. The "PostScript" subtype is also defined
  190. for the transport of PostScript material. Other
  191. expected uses for "application" include spreadsheets,
  192. data for mail-based scheduling systems, and languages
  193. for "active" (computational) messaging, and word
  194. processing formats that are not directly readable.
  195. Note that security considerations may exist for some
  196. types of application data, most notably
  197. "application/PostScript" and any form of active
  198. messaging. These issues are discussed later in this
  199. document.
  200. The two composite top-level media types are:
  201. (1) multipart -- data consisting of multiple entities of
  202. independent data types. Four subtypes are initially
  203. defined, including the basic "mixed" subtype specifying
  204. a generic mixed set of parts, "alternative" for
  205. representing the same data in multiple formats,
  206. "parallel" for parts intended to be viewed
  207. simultaneously, and "digest" for multipart entities in
  208. which each part has a default type of "message/rfc822".
  209. Freed & Borenstein Standards Track [Page 5]
  210. RFC 2046 Media Types November 1996
  211. (2) message -- an encapsulated message. A body of media
  212. type "message" is itself all or a portion of some kind
  213. of message object. Such objects may or may not in turn
  214. contain other entities. The "rfc822" subtype is used
  215. when the encapsulated content is itself an RFC 822
  216. message. The "partial" subtype is defined for partial
  217. RFC 822 messages, to permit the fragmented transmission
  218. of bodies that are thought to be too large to be passed
  219. through transport facilities in one piece. Another
  220. subtype, "external-body", is defined for specifying
  221. large bodies by reference to an external data source.
  222. It should be noted that the list of media type values given here may
  223. be augmented in time, via the mechanisms described above, and that
  224. the set of subtypes is expected to grow substantially.
  225. 4. Discrete Media Type Values
  226. Five of the seven initial media type values refer to discrete bodies.
  227. The content of these types must be handled by non-MIME mechanisms;
  228. they are opaque to MIME processors.
  229. 4.1. Text Media Type
  230. The "text" media type is intended for sending material which is
  231. principally textual in form. A "charset" parameter may be used to
  232. indicate the character set of the body text for "text" subtypes,
  233. notably including the subtype "text/plain", which is a generic
  234. subtype for plain text. Plain text does not provide for or allow
  235. formatting commands, font attribute specifications, processing
  236. instructions, interpretation directives, or content markup. Plain
  237. text is seen simply as a linear sequence of characters, possibly
  238. interrupted by line breaks or page breaks. Plain text may allow the
  239. stacking of several characters in the same position in the text.
  240. Plain text in scripts like Arabic and Hebrew may also include
  241. facilitites that allow the arbitrary mixing of text segments with
  242. opposite writing directions.
  243. Beyond plain text, there are many formats for representing what might
  244. be known as "rich text". An interesting characteristic of many such
  245. representations is that they are to some extent readable even without
  246. the software that interprets them. It is useful, then, to
  247. distinguish them, at the highest level, from such unreadable data as
  248. images, audio, or text represented in an unreadable form. In the
  249. absence of appropriate interpretation software, it is reasonable to
  250. show subtypes of "text" to the user, while it is not reasonable to do
  251. so with most nontextual data. Such formatted textual data should be
  252. represented using subtypes of "text".
  253. Freed & Borenstein Standards Track [Page 6]
  254. RFC 2046 Media Types November 1996
  255. 4.1.1. Representation of Line Breaks
  256. The canonical form of any MIME "text" subtype MUST always represent a
  257. line break as a CRLF sequence. Similarly, any occurrence of CRLF in
  258. MIME "text" MUST represent a line break. Use of CR and LF outside of
  259. line break sequences is also forbidden.
  260. This rule applies regardless of format or character set or sets
  261. involved.
  262. NOTE: The proper interpretation of line breaks when a body is
  263. displayed depends on the media type. In particular, while it is
  264. appropriate to treat a line break as a transition to a new line when
  265. displaying a "text/plain" body, this treatment is actually incorrect
  266. for other subtypes of "text" like "text/enriched" [RFC-1896].
  267. Similarly, whether or not line breaks should be added during display
  268. operations is also a function of the media type. It should not be
  269. necessary to add any line breaks to display "text/plain" correctly,
  270. whereas proper display of "text/enriched" requires the appropriate
  271. addition of line breaks.
  272. NOTE: Some protocols defines a maximum line length. E.g. SMTP [RFC-
  273. 821] allows a maximum of 998 octets before the next CRLF sequence.
  274. To be transported by such protocols, data which includes too long
  275. segments without CRLF sequences must be encoded with a suitable
  276. content-transfer-encoding.
  277. 4.1.2. Charset Parameter
  278. A critical parameter that may be specified in the Content-Type field
  279. for "text/plain" data is the character set. This is specified with a
  280. "charset" parameter, as in:
  281. Content-type: text/plain; charset=iso-8859-1
  282. Unlike some other parameter values, the values of the charset
  283. parameter are NOT case sensitive. The default character set, which
  284. must be assumed in the absence of a charset parameter, is US-ASCII.
  285. The specification for any future subtypes of "text" must specify
  286. whether or not they will also utilize a "charset" parameter, and may
  287. possibly restrict its values as well. For other subtypes of "text"
  288. than "text/plain", the semantics of the "charset" parameter should be
  289. defined to be identical to those specified here for "text/plain",
  290. i.e., the body consists entirely of characters in the given charset.
  291. In particular, definers of future "text" subtypes should pay close
  292. attention to the implications of multioctet character sets for their
  293. subtype definitions.
  294. Freed & Borenstein Standards Track [Page 7]
  295. RFC 2046 Media Types November 1996
  296. The charset parameter for subtypes of "text" gives a name of a
  297. character set, as "character set" is defined in RFC 2045. The rules
  298. regarding line breaks detailed in the previous section must also be
  299. observed -- a character set whose definition does not conform to
  300. these rules cannot be used in a MIME "text" subtype.
  301. An initial list of predefined character set names can be found at the
  302. end of this section. Additional character sets may be registered
  303. with IANA.
  304. Other media types than subtypes of "text" might choose to employ the
  305. charset parameter as defined here, but with the CRLF/line break
  306. restriction removed. Therefore, all character sets that conform to
  307. the general definition of "character set" in RFC 2045 can be
  308. registered for MIME use.
  309. Note that if the specified character set includes 8-bit characters
  310. and such characters are used in the body, a Content-Transfer-Encoding
  311. header field and a corresponding encoding on the data are required in
  312. order to transmit the body via some mail transfer protocols, such as
  313. SMTP [RFC-821].
  314. The default character set, US-ASCII, has been the subject of some
  315. confusion and ambiguity in the past. Not only were there some
  316. ambiguities in the definition, there have been wide variations in
  317. practice. In order to eliminate such ambiguity and variations in the
  318. future, it is strongly recommended that new user agents explicitly
  319. specify a character set as a media type parameter in the Content-Type
  320. header field. "US-ASCII" does not indicate an arbitrary 7-bit
  321. character set, but specifies that all octets in the body must be
  322. interpreted as characters according to the US-ASCII character set.
  323. National and application-oriented versions of ISO 646 [ISO-646] are
  324. usually NOT identical to US-ASCII, and in that case their use in
  325. Internet mail is explicitly discouraged. The omission of the ISO 646
  326. character set from this document is deliberate in this regard. The
  327. character set name of "US-ASCII" explicitly refers to the character
  328. set defined in ANSI X3.4-1986 [US- ASCII]. The new international
  329. reference version (IRV) of the 1991 edition of ISO 646 is identical
  330. to US-ASCII. The character set name "ASCII" is reserved and must not
  331. be used for any purpose.
  332. NOTE: RFC 821 explicitly specifies "ASCII", and references an earlier
  333. version of the American Standard. Insofar as one of the purposes of
  334. specifying a media type and character set is to permit the receiver
  335. to unambiguously determine how the sender intended the coded message
  336. to be interpreted, assuming anything other than "strict ASCII" as the
  337. default would risk unintentional and incompatible changes to the
  338. semantics of messages now being transmitted. This also implies that
  339. Freed & Borenstein Standards Track [Page 8]
  340. RFC 2046 Media Types November 1996
  341. messages containing characters coded according to other versions of
  342. ISO 646 than US-ASCII and the 1991 IRV, or using code-switching
  343. procedures (e.g., those of ISO 2022), as well as 8bit or multiple
  344. octet character encodings MUST use an appropriate character set
  345. specification to be consistent with MIME.
  346. The complete US-ASCII character set is listed in ANSI X3.4- 1986.
  347. Note that the control characters including DEL (0-31, 127) have no
  348. defined meaning in apart from the combination CRLF (US-ASCII values
  349. 13 and 10) indicating a new line. Two of the characters have de
  350. facto meanings in wide use: FF (12) often means "start subsequent
  351. text on the beginning of a new page"; and TAB or HT (9) often (though
  352. not always) means "move the cursor to the next available column after
  353. the current position where the column number is a multiple of 8
  354. (counting the first column as column 0)." Aside from these
  355. conventions, any use of the control characters or DEL in a body must
  356. either occur
  357. (1) because a subtype of text other than "plain"
  358. specifically assigns some additional meaning, or
  359. (2) within the context of a private agreement between the
  360. sender and recipient. Such private agreements are
  361. discouraged and should be replaced by the other
  362. capabilities of this document.
  363. NOTE: An enormous proliferation of character sets exist beyond US-
  364. ASCII. A large number of partially or totally overlapping character
  365. sets is NOT a good thing. A SINGLE character set that can be used
  366. universally for representing all of the world's languages in Internet
  367. mail would be preferrable. Unfortunately, existing practice in
  368. several communities seems to point to the continued use of multiple
  369. character sets in the near future. A small number of standard
  370. character sets are, therefore, defined for Internet use in this
  371. document.
  372. The defined charset values are:
  373. (1) US-ASCII -- as defined in ANSI X3.4-1986 [US-ASCII].
  374. (2) ISO-8859-X -- where "X" is to be replaced, as
  375. necessary, for the parts of ISO-8859 [ISO-8859]. Note
  376. that the ISO 646 character sets have deliberately been
  377. omitted in favor of their 8859 replacements, which are
  378. the designated character sets for Internet mail. As of
  379. the publication of this document, the legitimate values
  380. for "X" are the digits 1 through 10.
  381. Freed & Borenstein Standards Track [Page 9]
  382. RFC 2046 Media Types November 1996
  383. Characters in the range 128-159 has no assigned meaning in ISO-8859-
  384. X. Characters with values below 128 in ISO-8859-X have the same
  385. assigned meaning as they do in US-ASCII.
  386. Part 6 of ISO 8859 (Latin/Arabic alphabet) and part 8 (Latin/Hebrew
  387. alphabet) includes both characters for which the normal writing
  388. direction is right to left and characters for which it is left to
  389. right, but do not define a canonical ordering method for representing
  390. bi-directional text. The charset values "ISO-8859-6" and "ISO-8859-
  391. 8", however, specify that the visual method is used [RFC-1556].
  392. All of these character sets are used as pure 7bit or 8bit sets
  393. without any shift or escape functions. The meaning of shift and
  394. escape sequences in these character sets is not defined.
  395. The character sets specified above are the ones that were relatively
  396. uncontroversial during the drafting of MIME. This document does not
  397. endorse the use of any particular character set other than US-ASCII,
  398. and recognizes that the future evolution of world character sets
  399. remains unclear.
  400. Note that the character set used, if anything other than US- ASCII,
  401. must always be explicitly specified in the Content-Type field.
  402. No character set name other than those defined above may be used in
  403. Internet mail without the publication of a formal specification and
  404. its registration with IANA, or by private agreement, in which case
  405. the character set name must begin with "X-".
  406. Implementors are discouraged from defining new character sets unless
  407. absolutely necessary.
  408. The "charset" parameter has been defined primarily for the purpose of
  409. textual data, and is described in this section for that reason.
  410. However, it is conceivable that non-textual data might also wish to
  411. specify a charset value for some purpose, in which case the same
  412. syntax and values should be used.
  413. In general, composition software should always use the "lowest common
  414. denominator" character set possible. For example, if a body contains
  415. only US-ASCII characters, it SHOULD be marked as being in the US-
  416. ASCII character set, not ISO-8859-1, which, like all the ISO-8859
  417. family of character sets, is a superset of US-ASCII. More generally,
  418. if a widely-used character set is a subset of another character set,
  419. and a body contains only characters in the widely-used subset, it
  420. should be labelled as being in that subset. This will increase the
  421. chances that the recipient will be able to view the resulting entity
  422. correctly.
  423. Freed & Borenstein Standards Track [Page 10]
  424. RFC 2046 Media Types November 1996
  425. 4.1.3. Plain Subtype
  426. The simplest and most important subtype of "text" is "plain". This
  427. indicates plain text that does not contain any formatting commands or
  428. directives. Plain text is intended to be displayed "as-is", that is,
  429. no interpretation of embedded formatting commands, font attribute
  430. specifications, processing instructions, interpretation directives,
  431. or content markup should be necessary for proper display. The
  432. default media type of "text/plain; charset=us-ascii" for Internet
  433. mail describes existing Internet practice. That is, it is the type
  434. of body defined by RFC 822.
  435. No other "text" subtype is defined by this document.
  436. 4.1.4. Unrecognized Subtypes
  437. Unrecognized subtypes of "text" should be treated as subtype "plain"
  438. as long as the MIME implementation knows how to handle the charset.
  439. Unrecognized subtypes which also specify an unrecognized charset
  440. should be treated as "application/octet- stream".
  441. 4.2. Image Media Type
  442. A media type of "image" indicates that the body contains an image.
  443. The subtype names the specific image format. These names are not
  444. case sensitive. An initial subtype is "jpeg" for the JPEG format
  445. using JFIF encoding [JPEG].
  446. The list of "image" subtypes given here is neither exclusive nor
  447. exhaustive, and is expected to grow as more types are registered with
  448. IANA, as described in RFC 2048.
  449. Unrecognized subtypes of "image" should at a miniumum be treated as
  450. "application/octet-stream". Implementations may optionally elect to
  451. pass subtypes of "image" that they do not specifically recognize to a
  452. secure and robust general-purpose image viewing application, if such
  453. an application is available.
  454. NOTE: Using of a generic-purpose image viewing application this way
  455. inherits the security problems of the most dangerous type supported
  456. by the application.
  457. 4.3. Audio Media Type
  458. A media type of "audio" indicates that the body contains audio data.
  459. Although there is not yet a consensus on an "ideal" audio format for
  460. use with computers, there is a pressing need for a format capable of
  461. providing interoperable behavior.
  462. Freed & Borenstein Standards Track [Page 11]
  463. RFC 2046 Media Types November 1996
  464. The initial subtype of "basic" is specified to meet this requirement
  465. by providing an absolutely minimal lowest common denominator audio
  466. format. It is expected that richer formats for higher quality and/or
  467. lower bandwidth audio will be defined by a later document.
  468. The content of the "audio/basic" subtype is single channel audio
  469. encoded using 8bit ISDN mu-law [PCM] at a sample rate of 8000 Hz.
  470. Unrecognized subtypes of "audio" should at a miniumum be treated as
  471. "application/octet-stream". Implementations may optionally elect to
  472. pass subtypes of "audio" that they do not specifically recognize to a
  473. robust general-purpose audio playing application, if such an
  474. application is available.
  475. 4.4. Video Media Type
  476. A media type of "video" indicates that the body contains a time-
  477. varying-picture image, possibly with color and coordinated sound.
  478. The term 'video' is used in its most generic sense, rather than with
  479. reference to any particular technology or format, and is not meant to
  480. preclude subtypes such as animated drawings encoded compactly. The
  481. subtype "mpeg" refers to video coded according to the MPEG standard
  482. [MPEG].
  483. Note that although in general this document strongly discourages the
  484. mixing of multiple media in a single body, it is recognized that many
  485. so-called video formats include a representation for synchronized
  486. audio, and this is explicitly permitted for subtypes of "video".
  487. Unrecognized subtypes of "video" should at a minumum be treated as
  488. "application/octet-stream". Implementations may optionally elect to
  489. pass subtypes of "video" that they do not specifically recognize to a
  490. robust general-purpose video display application, if such an
  491. application is available.
  492. 4.5. Application Media Type
  493. The "application" media type is to be used for discrete data which do
  494. not fit in any of the other categories, and particularly for data to
  495. be processed by some type of application program. This is
  496. information which must be processed by an application before it is
  497. viewable or usable by a user. Expected uses for the "application"
  498. media type include file transfer, spreadsheets, data for mail-based
  499. scheduling systems, and languages for "active" (computational)
  500. material. (The latter, in particular, can pose security problems
  501. which must be understood by implementors, and are considered in
  502. detail in the discussion of the "application/PostScript" media type.)
  503. Freed & Borenstein Standards Track [Page 12]
  504. RFC 2046 Media Types November 1996
  505. For example, a meeting scheduler might define a standard
  506. representation for information about proposed meeting dates. An
  507. intelligent user agent would use this information to conduct a dialog
  508. with the user, and might then send additional material based on that
  509. dialog. More generally, there have been several "active" messaging
  510. languages developed in which programs in a suitably specialized
  511. language are transported to a remote location and automatically run
  512. in the recipient's environment.
  513. Such applications may be defined as subtypes of the "application"
  514. media type. This document defines two subtypes:
  515. octet-stream, and PostScript.
  516. The subtype of "application" will often be either the name or include
  517. part of the name of the application for which the data are intended.
  518. This does not mean, however, that any application program name may be
  519. used freely as a subtype of "application".
  520. 4.5.1. Octet-Stream Subtype
  521. The "octet-stream" subtype is used to indicate that a body contains
  522. arbitrary binary data. The set of currently defined parameters is:
  523. (1) TYPE -- the general type or category of binary data.
  524. This is intended as information for the human recipient
  525. rather than for any automatic processing.
  526. (2) PADDING -- the number of bits of padding that were
  527. appended to the bit-stream comprising the actual
  528. contents to produce the enclosed 8bit byte-oriented
  529. data. This is useful for enclosing a bit-stream in a
  530. body when the total number of bits is not a multiple of
  531. 8.
  532. Both of these parameters are optional.
  533. An additional parameter, "CONVERSIONS", was defined in RFC 1341 but
  534. has since been removed. RFC 1341 also defined the use of a "NAME"
  535. parameter which gave a suggested file name to be used if the data
  536. were to be written to a file. This has been deprecated in
  537. anticipation of a separate Content-Disposition header field, to be
  538. defined in a subsequent RFC.
  539. The recommended action for an implementation that receives an
  540. "application/octet-stream" entity is to simply offer to put the data
  541. in a file, with any Content-Transfer-Encoding undone, or perhaps to
  542. use it as input to a user-specified process.
  543. Freed & Borenstein Standards Track [Page 13]
  544. RFC 2046 Media Types November 1996
  545. To reduce the danger of transmitting rogue programs, it is strongly
  546. recommended that implementations NOT implement a path-search
  547. mechanism whereby an arbitrary program named in the Content-Type
  548. parameter (e.g., an "interpreter=" parameter) is found and executed
  549. using the message body as input.
  550. 4.5.2. PostScript Subtype
  551. A media type of "application/postscript" indicates a PostScript
  552. program. Currently two variants of the PostScript language are
  553. allowed; the original level 1 variant is described in [POSTSCRIPT]
  554. and the more recent level 2 variant is described in [POSTSCRIPT2].
  555. PostScript is a registered trademark of Adobe Systems, Inc. Use of
  556. the MIME media type "application/postscript" implies recognition of
  557. that trademark and all the rights it entails.
  558. The PostScript language definition provides facilities for internal
  559. labelling of the specific language features a given program uses.
  560. This labelling, called the PostScript document structuring
  561. conventions, or DSC, is very general and provides substantially more
  562. information than just the language level. The use of document
  563. structuring conventions, while not required, is strongly recommended
  564. as an aid to interoperability. Documents which lack proper
  565. structuring conventions cannot be tested to see whether or not they
  566. will work in a given environment. As such, some systems may assume
  567. the worst and refuse to process unstructured documents.
  568. The execution of general-purpose PostScript interpreters entails
  569. serious security risks, and implementors are discouraged from simply
  570. sending PostScript bodies to "off- the-shelf" interpreters. While it
  571. is usually safe to send PostScript to a printer, where the potential
  572. for harm is greatly constrained by typical printer environments,
  573. implementors should consider all of the following before they add
  574. interactive display of PostScript bodies to their MIME readers.
  575. The remainder of this section outlines some, though probably not all,
  576. of the possible problems with the transport of PostScript entities.
  577. (1) Dangerous operations in the PostScript language
  578. include, but may not be limited to, the PostScript
  579. operators "deletefile", "renamefile", "filenameforall",
  580. and "file". "File" is only dangerous when applied to
  581. something other than standard input or output.
  582. Implementations may also define additional nonstandard
  583. file operators; these may also pose a threat to
  584. security. "Filenameforall", the wildcard file search
  585. operator, may appear at first glance to be harmless.
  586. Freed & Borenstein Standards Track [Page 14]
  587. RFC 2046 Media Types November 1996
  588. Note, however, that this operator has the potential to
  589. reveal information about what files the recipient has
  590. access to, and this information may itself be
  591. sensitive. Message senders should avoid the use of
  592. potentially dangerous file operators, since these
  593. operators are quite likely to be unavailable in secure
  594. PostScript implementations. Message receiving and
  595. displaying software should either completely disable
  596. all potentially dangerous file operators or take
  597. special care not to delegate any special authority to
  598. their operation. These operators should be viewed as
  599. being done by an outside agency when interpreting
  600. PostScript documents. Such disabling and/or checking
  601. should be done completely outside of the reach of the
  602. PostScript language itself; care should be taken to
  603. insure that no method exists for re-enabling full-
  604. function versions of these operators.
  605. (2) The PostScript language provides facilities for exiting
  606. the normal interpreter, or server, loop. Changes made
  607. in this "outer" environment are customarily retained
  608. across documents, and may in some cases be retained
  609. semipermanently in nonvolatile memory. The operators
  610. associated with exiting the interpreter loop have the
  611. potential to interfere with subsequent document
  612. processing. As such, their unrestrained use
  613. constitutes a threat of service denial. PostScript
  614. operators that exit the interpreter loop include, but
  615. may not be limited to, the exitserver and startjob
  616. operators. Message sending software should not
  617. generate PostScript that depends on exiting the
  618. interpreter loop to operate, since the ability to exit
  619. will probably be unavailable in secure PostScript
  620. implementations. Message receiving and displaying
  621. software should completely disable the ability to make
  622. retained changes to the PostScript environment by
  623. eliminating or disabling the "startjob" and
  624. "exitserver" operations. If these operations cannot be
  625. eliminated or completely disabled the password
  626. associated with them should at least be set to a hard-
  627. to-guess value.
  628. (3) PostScript provides operators for setting system-wide
  629. and device-specific parameters. These parameter
  630. settings may be retained across jobs and may
  631. potentially pose a threat to the correct operation of
  632. the interpreter. The PostScript operators that set
  633. system and device parameters include, but may not be
  634. Freed & Borenstein Standards Track [Page 15]
  635. RFC 2046 Media Types November 1996
  636. limited to, the "setsystemparams" and "setdevparams"
  637. operators. Message sending software should not
  638. generate PostScript that depends on the setting of
  639. system or device parameters to operate correctly. The
  640. ability to set these parameters will probably be
  641. unavailable in secure PostScript implementations.
  642. Message receiving and displaying software should
  643. disable the ability to change system and device
  644. parameters. If these operators cannot be completely
  645. disabled the password associated with them should at
  646. least be set to a hard-to-guess value.
  647. (4) Some PostScript implementations provide nonstandard
  648. facilities for the direct loading and execution of
  649. machine code. Such facilities are quite obviously open
  650. to substantial abuse. Message sending software should
  651. not make use of such features. Besides being totally
  652. hardware-specific, they are also likely to be
  653. unavailable in secure implementations of PostScript.
  654. Message receiving and displaying software should not
  655. allow such operators to be used if they exist.
  656. (5) PostScript is an extensible language, and many, if not
  657. most, implementations of it provide a number of their
  658. own extensions. This document does not deal with such
  659. extensions explicitly since they constitute an unknown
  660. factor. Message sending software should not make use
  661. of nonstandard extensions; they are likely to be
  662. missing from some implementations. Message receiving
  663. and displaying software should make sure that any
  664. nonstandard PostScript operators are secure and don't
  665. present any kind of threat.
  666. (6) It is possible to write PostScript that consumes huge
  667. amounts of various system resources. It is also
  668. possible to write PostScript programs that loop
  669. indefinitely. Both types of programs have the
  670. potential to cause damage if sent to unsuspecting
  671. recipients. Message-sending software should avoid the
  672. construction and dissemination of such programs, which
  673. is antisocial. Message receiving and displaying
  674. software should provide appropriate mechanisms to abort
  675. processing after a reasonable amount of time has
  676. elapsed. In addition, PostScript interpreters should be
  677. limited to the consumption of only a reasonable amount
  678. of any given system resource.
  679. Freed & Borenstein Standards Track [Page 16]
  680. RFC 2046 Media Types November 1996
  681. (7) It is possible to include raw binary information inside
  682. PostScript in various forms. This is not recommended
  683. for use in Internet mail, both because it is not
  684. supported by all PostScript interpreters and because it
  685. significantly complicates the use of a MIME Content-
  686. Transfer-Encoding. (Without such binary, PostScript
  687. may typically be viewed as line-oriented data. The
  688. treatment of CRLF sequences becomes extremely
  689. problematic if binary and line-oriented data are mixed
  690. in a single Postscript data stream.)
  691. (8) Finally, bugs may exist in some PostScript interpreters
  692. which could possibly be exploited to gain unauthorized
  693. access to a recipient's system. Apart from noting this
  694. possibility, there is no specific action to take to
  695. prevent this, apart from the timely correction of such
  696. bugs if any are found.
  697. 4.5.3. Other Application Subtypes
  698. It is expected that many other subtypes of "application" will be
  699. defined in the future. MIME implementations must at a minimum treat
  700. any unrecognized subtypes as being equivalent to "application/octet-
  701. stream".
  702. 5. Composite Media Type Values
  703. The remaining two of the seven initial Content-Type values refer to
  704. composite entities. Composite entities are handled using MIME
  705. mechanisms -- a MIME processor typically handles the body directly.
  706. 5.1. Multipart Media Type
  707. In the case of multipart entities, in which one or more different
  708. sets of data are combined in a single body, a "multipart" media type
  709. field must appear in the entity's header. The body must then contain
  710. one or more body parts, each preceded by a boundary delimiter line,
  711. and the last one followed by a closing boundary delimiter line.
  712. After its boundary delimiter line, each body part then consists of a
  713. header area, a blank line, and a body area. Thus a body part is
  714. similar to an RFC 822 message in syntax, but different in meaning.
  715. A body part is an entity and hence is NOT to be interpreted as
  716. actually being an RFC 822 message. To begin with, NO header fields
  717. are actually required in body parts. A body part that starts with a
  718. blank line, therefore, is allowed and is a body part for which all
  719. default values are to be assumed. In such a case, the absence of a
  720. Content-Type header usually indicates that the corresponding body has
  721. Freed & Borenstein Standards Track [Page 17]
  722. RFC 2046 Media Types November 1996
  723. a content-type of "text/plain; charset=US-ASCII".
  724. The only header fields that have defined meaning for body parts are
  725. those the names of which begin with "Content-". All other header
  726. fields may be ignored in body parts. Although they should generally
  727. be retained if at all possible, they may be discarded by gateways if
  728. necessary. Such other fields are permitted to appear in body parts
  729. but must not be depended on. "X-" fields may be created for
  730. experimental or private purposes, with the recognition that the
  731. information they contain may be lost at some gateways.
  732. NOTE: The distinction between an RFC 822 message and a body part is
  733. subtle, but important. A gateway between Internet and X.400 mail,
  734. for example, must be able to tell the difference between a body part
  735. that contains an image and a body part that contains an encapsulated
  736. message, the body of which is a JPEG image. In order to represent
  737. the latter, the body part must have "Content-Type: message/rfc822",
  738. and its body (after the blank line) must be the encapsulated message,
  739. with its own "Content-Type: image/jpeg" header field. The use of
  740. similar syntax facilitates the conversion of messages to body parts,
  741. and vice versa, but the distinction between the two must be
  742. understood by implementors. (For the special case in which parts
  743. actually are messages, a "digest" subtype is also defined.)
  744. As stated previously, each body part is preceded by a boundary
  745. delimiter line that contains the boundary delimiter. The boundary
  746. delimiter MUST NOT appear inside any of the encapsulated parts, on a
  747. line by itself or as the prefix of any line. This implies that it is
  748. crucial that the composing agent be able to choose and specify a
  749. unique boundary parameter value that does not contain the boundary
  750. parameter value of an enclosing multipart as a prefix.
  751. All present and future subtypes of the "multipart" type must use an
  752. identical syntax. Subtypes may differ in their semantics, and may
  753. impose additional restrictions on syntax, but must conform to the
  754. required syntax for the "multipart" type. This requirement ensures
  755. that all conformant user agents will at least be able to recognize
  756. and separate the parts of any multipart entity, even those of an
  757. unrecognized subtype.
  758. As stated in the definition of the Content-Transfer-Encoding field
  759. [RFC 2045], no encoding other than "7bit", "8bit", or "binary" is
  760. permitted for entities of type "multipart". The "multipart" boundary
  761. delimiters and header fields are always represented as 7bit US-ASCII
  762. in any case (though the header fields may encode non-US-ASCII header
  763. text as per RFC 2047) and data within the body parts can be encoded
  764. on a part-by-part basis, with Content-Transfer-Encoding fields for
  765. each appropriate body part.
  766. Freed & Borenstein Standards Track [Page 18]
  767. RFC 2046 Media Types November 1996
  768. 5.1.1. Common Syntax
  769. This section defines a common syntax for subtypes of "multipart".
  770. All subtypes of "multipart" must use this syntax. A simple example
  771. of a multipart message also appears in this section. An example of a
  772. more complex multipart message is given in RFC 2049.
  773. The Content-Type field for multipart entities requires one parameter,
  774. "boundary". The boundary delimiter line is then defined as a line
  775. consisting entirely of two hyphen characters ("-", decimal value 45)
  776. followed by the boundary parameter value from the Content-Type header
  777. field, optional linear whitespace, and a terminating CRLF.
  778. NOTE: The hyphens are for rough compatibility with the earlier RFC
  779. 934 method of message encapsulation, and for ease of searching for
  780. the boundaries in some implementations. However, it should be noted
  781. that multipart messages are NOT completely compatible with RFC 934
  782. encapsulations; in particular, they do not obey RFC 934 quoting
  783. conventions for embedded lines that begin with hyphens. This
  784. mechanism was chosen over the RFC 934 mechanism because the latter
  785. causes lines to grow with each level of quoting. The combination of
  786. this growth with the fact that SMTP implementations sometimes wrap
  787. long lines made the RFC 934 mechanism unsuitable for use in the event
  788. that deeply-nested multipart structuring is ever desired.
  789. WARNING TO IMPLEMENTORS: The grammar for parameters on the Content-
  790. type field is such that it is often necessary to enclose the boundary
  791. parameter values in quotes on the Content-type line. This is not
  792. always necessary, but never hurts. Implementors should be sure to
  793. study the grammar carefully in order to avoid producing invalid
  794. Content-type fields. Thus, a typical "multipart" Content-Type header
  795. field might look like this:
  796. Content-Type: multipart/mixed; boundary=gc0p4Jq0M2Yt08j34c0p
  797. But the following is not valid:
  798. Content-Type: multipart/mixed; boundary=gc0pJq0M:08jU534c0p
  799. (because of the colon) and must instead be represented as
  800. Content-Type: multipart/mixed; boundary="gc0pJq0M:08jU534c0p"
  801. This Content-Type value indicates that the content consists of one or
  802. more parts, each with a structure that is syntactically identical to
  803. an RFC 822 message, except that the header area is allowed to be
  804. completely empty, and that the parts are each preceded by the line
  805. Freed & Borenstein Standards Track [Page 19]
  806. RFC 2046 Media Types November 1996
  807. --gc0pJq0M:08jU534c0p
  808. The boundary delimiter MUST occur at the beginning of a line, i.e.,
  809. following a CRLF, and the initial CRLF is considered to be attached
  810. to the boundary delimiter line rather than part of the preceding
  811. part. The boundary may be followed by zero or more characters of
  812. linear whitespace. It is then terminated by either another CRLF and
  813. the header fields for the next part, or by two CRLFs, in which case
  814. there are no header fields for the next part. If no Content-Type
  815. field is present it is assumed to be "message/rfc822" in a
  816. "multipart/digest" and "text/plain" otherwise.
  817. NOTE: The CRLF preceding the boundary delimiter line is conceptually
  818. attached to the boundary so that it is possible to have a part that
  819. does not end with a CRLF (line break). Body parts that must be
  820. considered to end with line breaks, therefore, must have two CRLFs
  821. preceding the boundary delimiter line, the first of which is part of
  822. the preceding body part, and the second of which is part of the
  823. encapsulation boundary.
  824. Boundary delimiters must not appear within the encapsulated material,
  825. and must be no longer than 70 characters, not counting the two
  826. leading hyphens.
  827. The boundary delimiter line following the last body part is a
  828. distinguished delimiter that indicates that no further body parts
  829. will follow. Such a delimiter line is identical to the previous
  830. delimiter lines, with the addition of two more hyphens after the
  831. boundary parameter value.
  832. --gc0pJq0M:08jU534c0p--
  833. NOTE TO IMPLEMENTORS: Boundary string comparisons must compare the
  834. boundary value with the beginning of each candidate line. An exact
  835. match of the entire candidate line is not required; it is sufficient
  836. that the boundary appear in its entirety following the CRLF.
  837. There appears to be room for additional information prior to the
  838. first boundary delimiter line and following the final boundary
  839. delimiter line. These areas should generally be left blank, and
  840. implementations must ignore anything that appears before the first
  841. boundary delimiter line or after the last one.
  842. NOTE: These "preamble" and "epilogue" areas are generally not used
  843. because of the lack of proper typing of these parts and the lack of
  844. clear semantics for handling these areas at gateways, particularly
  845. X.400 gateways. However, rather than leaving the preamble area
  846. blank, many MIME implementations have found this to be a convenient
  847. Freed & Borenstein Standards Track [Page 20]
  848. RFC 2046 Media Types November 1996
  849. place to insert an explanatory note for recipients who read the
  850. message with pre-MIME software, since such notes will be ignored by
  851. MIME-compliant software.
  852. NOTE: Because boundary delimiters must not appear in the body parts
  853. being encapsulated, a user agent must exercise care to choose a
  854. unique boundary parameter value. The boundary parameter value in the
  855. example above could have been the result of an algorithm designed to
  856. produce boundary delimiters with a very low probability of already
  857. existing in the data to be encapsulated without having to prescan the
  858. data. Alternate algorithms might result in more "readable" boundary
  859. delimiters for a recipient with an old user agent, but would require
  860. more attention to the possibility that the boundary delimiter might
  861. appear at the beginning of some line in the encapsulated part. The
  862. simplest boundary delimiter line possible is something like "---",
  863. with a closing boundary delimiter line of "-----".
  864. As a very simple example, the following multipart message has two
  865. parts, both of them plain text, one of them explicitly typed and one
  866. of them implicitly typed:
  867. From: Nathaniel Borenstein <nsb@bellcore.com>
  868. To: Ned Freed <ned@innosoft.com>
  869. Date: Sun, 21 Mar 1993 23:56:48 -0800 (PST)
  870. Subject: Sample message
  871. MIME-Version: 1.0
  872. Content-type: multipart/mixed; boundary="simple boundary"
  873. This is the preamble. It is to be ignored, though it
  874. is a handy place for composition agents to include an
  875. explanatory note to non-MIME conformant readers.
  876. --simple boundary
  877. This is implicitly typed plain US-ASCII text.
  878. It does NOT end with a linebreak.
  879. --simple boundary
  880. Content-type: text/plain; charset=us-ascii
  881. This is explicitly typed plain US-ASCII text.
  882. It DOES end with a linebreak.
  883. --simple boundary--
  884. This is the epilogue. It is also to be ignored.
  885. Freed & Borenstein Standards Track [Page 21]
  886. RFC 2046 Media Types November 1996
  887. The use of a media type of "multipart" in a body part within another
  888. "multipart" entity is explicitly allowed. In such cases, for obvious
  889. reasons, care must be taken to ensure that each nested "multipart"
  890. entity uses a different boundary delimiter. See RFC 2049 for an
  891. example of nested "multipart" entities.
  892. The use of the "multipart" media type with only a single body part
  893. may be useful in certain contexts, and is explicitly permitted.
  894. NOTE: Experience has shown that a "multipart" media type with a
  895. single body part is useful for sending non-text media types. It has
  896. the advantage of providing the preamble as a place to include
  897. decoding instructions. In addition, a number of SMTP gateways move
  898. or remove the MIME headers, and a clever MIME decoder can take a good
  899. guess at multipart boundaries even in the absence of the Content-Type
  900. header and thereby successfully decode the message.
  901. The only mandatory global parameter for the "multipart" media type is
  902. the boundary parameter, which consists of 1 to 70 characters from a
  903. set of characters known to be very robust through mail gateways, and
  904. NOT ending with white space. (If a boundary delimiter line appears to
  905. end with white space, the white space must be presumed to have been
  906. added by a gateway, and must be deleted.) It is formally specified
  907. by the following BNF:
  908. boundary := 0*69<bchars> bcharsnospace
  909. bchars := bcharsnospace / " "
  910. bcharsnospace := DIGIT / ALPHA / "'" / "(" / ")" /
  911. "+" / "_" / "," / "-" / "." /
  912. "/" / ":" / "=" / "?"
  913. Overall, the body of a "multipart" entity may be specified as
  914. follows:
  915. dash-boundary := "--" boundary
  916. ; boundary taken from the value of
  917. ; boundary parameter of the
  918. ; Content-Type field.
  919. multipart-body := [preamble CRLF]
  920. dash-boundary transport-padding CRLF
  921. body-part *encapsulation
  922. close-delimiter transport-padding
  923. [CRLF epilogue]
  924. Freed & Borenstein Standards Track [Page 22]
  925. RFC 2046 Media Types November 1996
  926. transport-padding := *LWSP-char
  927. ; Composers MUST NOT generate
  928. ; non-zero length transport
  929. ; padding, but receivers MUST
  930. ; be able to handle padding
  931. ; added by message transports.
  932. encapsulation := delimiter transport-padding
  933. CRLF body-part
  934. delimiter := CRLF dash-boundary
  935. close-delimiter := delimiter "--"
  936. preamble := discard-text
  937. epilogue := discard-text
  938. discard-text := *(*text CRLF) *text
  939. ; May be ignored or discarded.
  940. body-part := MIME-part-headers [CRLF *OCTET]
  941. ; Lines in a body-part must not start
  942. ; with the specified dash-boundary and
  943. ; the delimiter must not appear anywhere
  944. ; in the body part. Note that the
  945. ; semantics of a body-part differ from
  946. ; the semantics of a message, as
  947. ; described in the text.
  948. OCTET := <any 0-255 octet value>
  949. IMPORTANT: The free insertion of linear-white-space and RFC 822
  950. comments between the elements shown in this BNF is NOT allowed since
  951. this BNF does not specify a structured header field.
  952. NOTE: In certain transport enclaves, RFC 822 restrictions such as
  953. the one that limits bodies to printable US-ASCII characters may not
  954. be in force. (That is, the transport domains may exist that resemble
  955. standard Internet mail transport as specified in RFC 821 and assumed
  956. by RFC 822, but without certain restrictions.) The relaxation of
  957. these restrictions should be construed as locally extending the
  958. definition of bodies, for example to include octets outside of the
  959. US-ASCII range, as long as these extensions are supported by the
  960. transport and adequately documented in the Content- Transfer-Encoding
  961. header field. However, in no event are headers (either message
  962. headers or body part headers) allowed to contain anything other than
  963. US-ASCII characters.
  964. Freed & Borenstein Standards Track [Page 23]
  965. RFC 2046 Media Types November 1996
  966. NOTE: Conspicuously missing from the "multipart" type is a notion of
  967. structured, related body parts. It is recommended that those wishing
  968. to provide more structured or integrated multipart messaging
  969. facilities should define subtypes of multipart that are syntactically
  970. identical but define relationships between the various parts. For
  971. example, subtypes of multipart could be defined that include a
  972. distinguished part which in turn is used to specify the relationships
  973. between the other parts, probably referring to them by their
  974. Content-ID field. Old implementations will not recognize the new
  975. subtype if this approach is used, but will treat it as
  976. multipart/mixed and will thus be able to show the user the parts that
  977. are recognized.
  978. 5.1.2. Handling Nested Messages and Multiparts
  979. The "message/rfc822" subtype defined in a subsequent section of this
  980. document has no terminating condition other than running out of data.
  981. Similarly, an improperly truncated "multipart" entity may not have
  982. any terminating boundary marker, and can turn up operationally due to
  983. mail system malfunctions.
  984. It is essential that such entities be handled correctly when they are
  985. themselves imbedded inside of another "multipart" structure. MIME
  986. implementations are therefore required to recognize outer level
  987. boundary markers at ANY level of inner nesting. It is not sufficient
  988. to only check for the next expected marker or other terminating
  989. condition.
  990. 5.1.3. Mixed Subtype
  991. The "mixed" subtype of "multipart" is intended for use when the body
  992. parts are independent and need to be bundled in a particular order.
  993. Any "multipart" subtypes that an implementation does not recognize
  994. must be treated as being of subtype "mixed".
  995. 5.1.4. Alternative Subtype
  996. The "multipart/alternative" type is syntactically identical to
  997. "multipart/mixed", but the semantics are different. In particular,
  998. each of the body parts is an "alternative" version of the same
  999. information.
  1000. Systems should recognize that the content of the various parts are
  1001. interchangeable. Systems should choose the "best" type based on the
  1002. local environment and references, in some cases even through user
  1003. interaction. As with "multipart/mixed", the order of body parts is
  1004. significant. In this case, the alternatives appear in an order of
  1005. increasing faithfulness to the original content. In general, the
  1006. Freed & Borenstein Standards Track [Page 24]
  1007. RFC 2046 Media Types November 1996
  1008. best choice is the LAST part of a type supported by the recipient
  1009. system's local environment.
  1010. "Multipart/alternative" may be used, for example, to send a message
  1011. in a fancy text format in such a way that it can easily be displayed
  1012. anywhere:
  1013. From: Nathaniel Borenstein <nsb@bellcore.com>
  1014. To: Ned Freed <ned@innosoft.com>
  1015. Date: Mon, 22 Mar 1993 09:41:09 -0800 (PST)
  1016. Subject: Formatted text mail
  1017. MIME-Version: 1.0
  1018. Content-Type: multipart/alternative; boundary=boundary42
  1019. --boundary42
  1020. Content-Type: text/plain; charset=us-ascii
  1021. ... plain text version of message goes here ...
  1022. --boundary42
  1023. Content-Type: text/enriched
  1024. ... RFC 1896 text/enriched version of same message
  1025. goes here ...
  1026. --boundary42
  1027. Content-Type: application/x-whatever
  1028. ... fanciest version of same message goes here ...
  1029. --boundary42--
  1030. In this example, users whose mail systems understood the
  1031. "application/x-whatever" format would see only the fancy version,
  1032. while other users would see only the enriched or plain text version,
  1033. depending on the capabilities of their system.
  1034. In general, user agents that compose "multipart/alternative" entities
  1035. must place the body parts in increasing order of preference, that is,
  1036. with the preferred format last. For fancy text, the sending user
  1037. agent should put the plainest format first and the richest format
  1038. last. Receiving user agents should pick and display the last format
  1039. they are capable of displaying. In the case where one of the
  1040. alternatives is itself of type "multipart" and contains unrecognized
  1041. sub-parts, the user agent may choose either to show that alternative,
  1042. an earlier alternative, or both.
  1043. Freed & Borenstein Standards Track [Page 25]
  1044. RFC 2046 Media Types November 1996
  1045. NOTE: From an implementor's perspective, it might seem more sensible
  1046. to reverse this ordering, and have the plainest alternative last.
  1047. However, placing the plainest alternative first is the friendliest
  1048. possible option when "multipart/alternative" entities are viewed
  1049. using a non-MIME-conformant viewer. While this approach does impose
  1050. some burden on conformant MIME viewers, interoperability with older
  1051. mail readers was deemed to be more important in this case.
  1052. It may be the case that some user agents, if they can recognize more
  1053. than one of the formats, will prefer to offer the user the choice of
  1054. which format to view. This makes sense, for example, if a message
  1055. includes both a nicely- formatted image version and an easily-edited
  1056. text version. What is most critical, however, is that the user not
  1057. automatically be shown multiple versions of the same data. Either
  1058. the user should be shown the last recognized version or should be
  1059. given the choice.
  1060. THE SEMANTICS OF CONTENT-ID IN MULTIPART/ALTERNATIVE: Each part of a
  1061. "multipart/alternative" entity represents the same data, but the
  1062. mappings between the two are not necessarily without information
  1063. loss. For example, information is lost when translating ODA to
  1064. PostScript or plain text. It is recommended that each part should
  1065. have a different Content-ID value in the case where the information
  1066. content of the two parts is not identical. And when the information
  1067. content is identical -- for example, where several parts of type
  1068. "message/external-body" specify alternate ways to access the
  1069. identical data -- the same Content-ID field value should be used, to
  1070. optimize any caching mechanisms that might be present on the
  1071. recipient's end. However, the Content-ID values used by the parts
  1072. should NOT be the same Content-ID value that describes the
  1073. "multipart/alternative" as a whole, if there is any such Content-ID
  1074. field. That is, one Content-ID value will refer to the
  1075. "multipart/alternative" entity, while one or more other Content-ID
  1076. values will refer to the parts inside it.
  1077. 5.1.5. Digest Subtype
  1078. This document defines a "digest" subtype of the "multipart" Content-
  1079. Type. This type is syntactically identical to "multipart/mixed", but
  1080. the semantics are different. In particular, in a digest, the default
  1081. Content-Type value for a body part is changed from "text/plain" to
  1082. "message/rfc822". This is done to allow a more readable digest
  1083. format that is largely compatible (except for the quoting convention)
  1084. with RFC 934.
  1085. Note: Though it is possible to specify a Content-Type value for a
  1086. body part in a digest which is other than "message/rfc822", such as a
  1087. "text/plain" part containing a description of the material in the
  1088. Freed & Borenstein Standards Track [Page 26]
  1089. RFC 2046 Media Types November 1996
  1090. digest, actually doing so is undesireble. The "multipart/digest"
  1091. Content-Type is intended to be used to send collections of messages.
  1092. If a "text/plain" part is needed, it should be included as a seperate
  1093. part of a "multipart/mixed" message.
  1094. A digest in this format might, then, look something like this:
  1095. From: Moderator-Address
  1096. To: Recipient-List
  1097. Date: Mon, 22 Mar 1994 13:34:51 +0000
  1098. Subject: Internet Digest, volume 42
  1099. MIME-Version: 1.0
  1100. Content-Type: multipart/mixed;
  1101. boundary="---- main boundary ----"
  1102. ------ main boundary ----
  1103. ...Introductory text or table of contents...
  1104. ------ main boundary ----
  1105. Content-Type: multipart/digest;
  1106. boundary="---- next message ----"
  1107. ------ next message ----
  1108. From: someone-else
  1109. Date: Fri, 26 Mar 1993 11:13:32 +0200
  1110. Subject: my opinion
  1111. ...body goes here ...
  1112. ------ next message ----
  1113. From: someone-else-again
  1114. Date: Fri, 26 Mar 1993 10:07:13 -0500
  1115. Subject: my different opinion
  1116. ... another body goes here ...
  1117. ------ next message ------
  1118. ------ main boundary ------
  1119. 5.1.6. Parallel Subtype
  1120. This document defines a "parallel" subtype of the "multipart"
  1121. Content-Type. This type is syntactically identical to
  1122. "multipart/mixed", but the semantics are different. In particular,
  1123. Freed & Borenstein Standards Track [Page 27]
  1124. RFC 2046 Media Types November 1996
  1125. in a parallel entity, the order of body parts is not significant.
  1126. A common presentation of this type is to display all of the parts
  1127. simultaneously on hardware and software that are capable of doing so.
  1128. However, composing agents should be aware that many mail readers will
  1129. lack this capability and will show the parts serially in any event.
  1130. 5.1.7. Other Multipart Subtypes
  1131. Other "multipart" subtypes are expected in the future. MIME
  1132. implementations must in general treat unrecognized subtypes of
  1133. "multipart" as being equivalent to "multipart/mixed".
  1134. 5.2. Message Media Type
  1135. It is frequently desirable, in sending mail, to encapsulate another
  1136. mail message. A special media type, "message", is defined to
  1137. facilitate this. In particular, the "rfc822" subtype of "message" is
  1138. used to encapsulate RFC 822 messages.
  1139. NOTE: It has been suggested that subtypes of "message" might be
  1140. defined for forwarded or rejected messages. However, forwarded and
  1141. rejected messages can be handled as multipart messages in which the
  1142. first part contains any control or descriptive information, and a
  1143. second part, of type "message/rfc822", is the forwarded or rejected
  1144. message. Composing rejection and forwarding messages in this manner
  1145. will preserve the type information on the original message and allow
  1146. it to be correctly presented to the recipient, and hence is strongly
  1147. encouraged.
  1148. Subtypes of "message" often impose restrictions on what encodings are
  1149. allowed. These restrictions are described in conjunction with each
  1150. specific subtype.
  1151. Mail gateways, relays, and other mail handling agents are commonly
  1152. known to alter the top-level header of an RFC 822 message. In
  1153. particular, they frequently add, remove, or reorder header fields.
  1154. These operations are explicitly forbidden for the encapsulated
  1155. headers embedded in the bodies of messages of type "message."
  1156. 5.2.1. RFC822 Subtype
  1157. A media type of "message/rfc822" indicates that the body contains an
  1158. encapsulated message, with the syntax of an RFC 822 message.
  1159. However, unlike top-level RFC 822 messages, the restriction that each
  1160. "message/rfc822" body must include a "From", "Date", and at least one
  1161. destination header is removed and replaced with the requirement that
  1162. at least one of "From", "Subject", or "Date" must be present.
  1163. Freed & Borenstein Standards Track [Page 28]
  1164. RFC 2046 Media Types November 1996
  1165. It should be noted that, despite the use of the numbers "822", a
  1166. "message/rfc822" entity isn't restricted to material in strict
  1167. conformance to RFC822, nor are the semantics of "message/rfc822"
  1168. objects restricted to the semantics defined in RFC822. More
  1169. specifically, a "message/rfc822" message could well be a News article
  1170. or a MIME message.
  1171. No encoding other than "7bit", "8bit", or "binary" is permitted for
  1172. the body of a "message/rfc822" entity. The message header fields are
  1173. always US-ASCII in any case, and data within the body can still be
  1174. encoded, in which case the Content-Transfer-Encoding header field in
  1175. the encapsulated message will reflect this. Non-US-ASCII text in the
  1176. headers of an encapsulated message can be specified using the
  1177. mechanisms described in RFC 2047.
  1178. 5.2.2. Partial Subtype
  1179. The "partial" subtype is defined to allow large entities to be
  1180. delivered as several separate pieces of mail and automatically
  1181. reassembled by a receiving user agent. (The concept is similar to IP
  1182. fragmentation and reassembly in the basic Internet Protocols.) This
  1183. mechanism can be used when intermediate transport agents limit the
  1184. size of individual messages that can be sent. The media type
  1185. "message/partial" thus indicates that the body contains a fragment of
  1186. a larger entity.
  1187. Because data of type "message" may never be encoded in base64 or
  1188. quoted-printable, a problem might arise if "message/partial" entities
  1189. are constructed in an environment that supports binary or 8bit
  1190. transport. The problem is that the binary data would be split into
  1191. multiple "message/partial" messages, each of them requiring binary
  1192. transport. If such messages were encountered at a gateway into a
  1193. 7bit transport environment, there would be no way to properly encode
  1194. them for the 7bit world, aside from waiting for all of the fragments,
  1195. reassembling the inner message, and then encoding the reassembled
  1196. data in base64 or quoted-printable. Since it is possible that
  1197. different fragments might go through different gateways, even this is
  1198. not an acceptable solution. For this reason, it is specified that
  1199. entities of type "message/partial" must always have a content-
  1200. transfer-encoding of 7bit (the default). In particular, even in
  1201. environments that support binary or 8bit transport, the use of a
  1202. content- transfer-encoding of "8bit" or "binary" is explicitly
  1203. prohibited for MIME entities of type "message/partial". This in turn
  1204. implies that the inner message must not use "8bit" or "binary"
  1205. encoding.
  1206. Freed & Borenstein Standards Track [Page 29]
  1207. RFC 2046 Media Types November 1996
  1208. Because some message transfer agents may choose to automatically
  1209. fragment large messages, and because such agents may use very
  1210. different fragmentation thresholds, it is possible that the pieces of
  1211. a partial message, upon reassembly, may prove themselves to comprise
  1212. a partial message. This is explicitly permitted.
  1213. Three parameters must be specified in the Content-Type field of type
  1214. "message/partial": The first, "id", is a unique identifier, as close
  1215. to a world-unique identifier as possible, to be used to match the
  1216. fragments together. (In general, the identifier is essentially a
  1217. message-id; if placed in double quotes, it can be ANY message-id, in
  1218. accordance with the BNF for "parameter" given in RFC 2045.) The
  1219. second, "number", an integer, is the fragment number, which indicates
  1220. where this fragment fits into the sequence of fragments. The third,
  1221. "total", another integer, is the total number of fragments. This
  1222. third subfield is required on the final fragment, and is optional
  1223. (though encouraged) on the earlier fragments. Note also that these
  1224. parameters may be given in any order.
  1225. Thus, the second piece of a 3-piece message may have either of the
  1226. following header fields:
  1227. Content-Type: Message/Partial; number=2; total=3;
  1228. id="oc=jpbe0M2Yt4s@thumper.bellcore.com"
  1229. Content-Type: Message/Partial;
  1230. id="oc=jpbe0M2Yt4s@thumper.bellcore.com";
  1231. number=2
  1232. But the third piece MUST specify the total number of fragments:
  1233. Content-Type: Message/Partial; number=3; total=3;
  1234. id="oc=jpbe0M2Yt4s@thumper.bellcore.com"
  1235. Note that fragment numbering begins with 1, not 0.
  1236. When the fragments of an entity broken up in this manner are put
  1237. together, the result is always a complete MIME entity, which may have
  1238. its own Content-Type header field, and thus may contain any other
  1239. data type.
  1240. 5.2.2.1. Message Fragmentation and Reassembly
  1241. The semantics of a reassembled partial message must be those of the
  1242. "inner" message, rather than of a message containing the inner
  1243. message. This makes it possible, for example, to send a large audio
  1244. message as several partial messages, and still have it appear to the
  1245. recipient as a simple audio message rather than as an encapsulated
  1246. Freed & Borenstein Standards Track [Page 30]
  1247. RFC 2046 Media Types November 1996
  1248. message containing an audio message. That is, the encapsulation of
  1249. the message is considered to be "transparent".
  1250. When generating and reassembling the pieces of a "message/partial"
  1251. message, the headers of the encapsulated message must be merged with
  1252. the headers of the enclosing entities. In this process the following
  1253. rules must be observed:
  1254. (1) Fragmentation agents must split messages at line
  1255. boundaries only. This restriction is imposed because
  1256. splits at points other than the ends of lines in turn
  1257. depends on message transports being able to preserve
  1258. the semantics of messages that don't end with a CRLF
  1259. sequence. Many transports are incapable of preserving
  1260. such semantics.
  1261. (2) All of the header fields from the initial enclosing
  1262. message, except those that start with "Content-" and
  1263. the specific header fields "Subject", "Message-ID",
  1264. "Encrypted", and "MIME-Version", must be copied, in
  1265. order, to the new message.
  1266. (3) The header fields in the enclosed message which start
  1267. with "Content-", plus the "Subject", "Message-ID",
  1268. "Encrypted", and "MIME-Version" fields, must be
  1269. appended, in order, to the header fields of the new
  1270. message. Any header fields in the enclosed message
  1271. which do not start with "Content-" (except for the
  1272. "Subject", "Message-ID", "Encrypted", and "MIME-
  1273. Version" fields) will be ignored and dropped.
  1274. (4) All of the header fields from the second and any
  1275. subsequent enclosing messages are discarded by the
  1276. reassembly process.
  1277. 5.2.2.2. Fragmentation and Reassembly Example
  1278. If an audio message is broken into two pieces, the first piece might
  1279. look something like this:
  1280. X-Weird-Header-1: Foo
  1281. From: Bill@host.com
  1282. To: joe@otherhost.com
  1283. Date: Fri, 26 Mar 1993 12:59:38 -0500 (EST)
  1284. Subject: Audio mail (part 1 of 2)
  1285. Message-ID: <id1@host.com>
  1286. MIME-Version: 1.0
  1287. Content-type: message/partial; id="ABC@host.com";
  1288. Freed & Borenstein Standards Track [Page 31]
  1289. RFC 2046 Media Types November 1996
  1290. number=1; total=2
  1291. X-Weird-Header-1: Bar
  1292. X-Weird-Header-2: Hello
  1293. Message-ID: <anotherid@foo.com>
  1294. Subject: Audio mail
  1295. MIME-Version: 1.0
  1296. Content-type: audio/basic
  1297. Content-transfer-encoding: base64
  1298. ... first half of encoded audio data goes here ...
  1299. and the second half might look something like this:
  1300. From: Bill@host.com
  1301. To: joe@otherhost.com
  1302. Date: Fri, 26 Mar 1993 12:59:38 -0500 (EST)
  1303. Subject: Audio mail (part 2 of 2)
  1304. MIME-Version: 1.0
  1305. Message-ID: <id2@host.com>
  1306. Content-type: message/partial;
  1307. id="ABC@host.com"; number=2; total=2
  1308. ... second half of encoded audio data goes here ...
  1309. Then, when the fragmented message is reassembled, the resulting
  1310. message to be displayed to the user should look something like this:
  1311. X-Weird-Header-1: Foo
  1312. From: Bill@host.com
  1313. To: joe@otherhost.com
  1314. Date: Fri, 26 Mar 1993 12:59:38 -0500 (EST)
  1315. Subject: Audio mail
  1316. Message-ID: <anotherid@foo.com>
  1317. MIME-Version: 1.0
  1318. Content-type: audio/basic
  1319. Content-transfer-encoding: base64
  1320. ... first half of encoded audio data goes here ...
  1321. ... second half of encoded audio data goes here ...
  1322. The inclusion of a "References" field in the headers of the second
  1323. and subsequent pieces of a fragmented message that references the
  1324. Message-Id on the previous piece may be of benefit to mail readers
  1325. that understand and track references. However, the generation of
  1326. such "References" fields is entirely optional.
  1327. Freed & Borenstein Standards Track [Page 32]
  1328. RFC 2046 Media Types November 1996
  1329. Finally, it should be noted that the "Encrypted" header field has
  1330. been made obsolete by Privacy Enhanced Messaging (PEM) [RFC-1421,
  1331. RFC-1422, RFC-1423, RFC-1424], but the rules above are nevertheless
  1332. believed to describe the correct way to treat it if it is encountered
  1333. in the context of conversion to and from "message/partial" fragments.
  1334. 5.2.3. External-Body Subtype
  1335. The external-body subtype indicates that the actual body data are not
  1336. included, but merely referenced. In this case, the parameters
  1337. describe a mechanism for accessing the external data.
  1338. When a MIME entity is of type "message/external-body", it consists of
  1339. a header, two consecutive CRLFs, and the message header for the
  1340. encapsulated message. If another pair of consecutive CRLFs appears,
  1341. this of course ends the message header for the encapsulated message.
  1342. However, since the encapsulated message's body is itself external, it
  1343. does NOT appear in the area that follows. For example, consider the
  1344. following message:
  1345. Content-type: message/external-body;
  1346. access-type=local-file;
  1347. name="/u/nsb/Me.jpeg"
  1348. Content-type: image/jpeg
  1349. Content-ID: <id42@guppylake.bellcore.com>
  1350. Content-Transfer-Encoding: binary
  1351. THIS IS NOT REALLY THE BODY!
  1352. The area at the end, which might be called the "phantom body", is
  1353. ignored for most external-body messages. However, it may be used to
  1354. contain auxiliary information for some such messages, as indeed it is
  1355. when the access-type is "mail- server". The only access-type defined
  1356. in this document that uses the phantom body is "mail-server", but
  1357. other access-types may be defined in the future in other
  1358. specifications that use this area.
  1359. The encapsulated headers in ALL "message/external-body" entities MUST
  1360. include a Content-ID header field to give a unique identifier by
  1361. which to reference the data. This identifier may be used for caching
  1362. mechanisms, and for recognizing the receipt of the data when the
  1363. access-type is "mail-server".
  1364. Note that, as specified here, the tokens that describe external-body
  1365. data, such as file names and mail server commands, are required to be
  1366. in the US-ASCII character set.
  1367. Freed & Borenstein Standards Track [Page 33]
  1368. RFC 2046 Media Types November 1996
  1369. If this proves problematic in practice, a new mechanism may be
  1370. required as a future extension to MIME, either as newly defined
  1371. access-types for "message/external-body" or by some other mechanism.
  1372. As with "message/partial", MIME entities of type "message/external-
  1373. body" MUST have a content-transfer-encoding of 7bit (the default).
  1374. In particular, even in environments that support binary or 8bit
  1375. transport, the use of a content- transfer-encoding of "8bit" or
  1376. "binary" is explicitly prohibited for entities of type
  1377. "message/external-body".
  1378. 5.2.3.1. General External-Body Parameters
  1379. The parameters that may be used with any "message/external- body"
  1380. are:
  1381. (1) ACCESS-TYPE -- A word indicating the supported access
  1382. mechanism by which the file or data may be obtained.
  1383. This word is not case sensitive. Values include, but
  1384. are not limited to, "FTP", "ANON-FTP", "TFTP", "LOCAL-
  1385. FILE", and "MAIL-SERVER". Future values, except for
  1386. experimental values beginning with "X-", must be
  1387. registered with IANA, as described in RFC 2048.
  1388. This parameter is unconditionally mandatory and MUST be
  1389. present on EVERY "message/external-body".
  1390. (2) EXPIRATION -- The date (in the RFC 822 "date-time"
  1391. syntax, as extended by RFC 1123 to permit 4 digits in
  1392. the year field) after which the existence of the
  1393. external data is not guaranteed. This parameter may be
  1394. used with ANY access-type and is ALWAYS optional.
  1395. (3) SIZE -- The size (in octets) of the data. The intent
  1396. of this parameter is to help the recipient decide
  1397. whether or not to expend the necessary resources to
  1398. retrieve the external data. Note that this describes
  1399. the size of the data in its canonical form, that is,
  1400. before any Content-Transfer-Encoding has been applied
  1401. or after the data have been decoded. This parameter
  1402. may be used with ANY access-type and is ALWAYS
  1403. optional.
  1404. (4) PERMISSION -- A case-insensitive field that indicates
  1405. whether or not it is expected that clients might also
  1406. attempt to overwrite the data. By default, or if
  1407. permission is "read", the assumption is that they are
  1408. not, and that if the data is retrieved once, it is
  1409. never needed again. If PERMISSION is "read-write",
  1410. Freed & Borenstein Standards Track [Page 34]
  1411. RFC 2046 Media Types November 1996
  1412. this assumption is invalid, and any local copy must be
  1413. considered no more than a cache. "Read" and "Read-
  1414. write" are the only defined values of permission. This
  1415. parameter may be used with ANY access-type and is
  1416. ALWAYS optional.
  1417. The precise semantics of the access-types defined here are described
  1418. in the sections that follow.
  1419. 5.2.3.2. The 'ftp' and 'tftp' Access-Types
  1420. An access-type of FTP or TFTP indicates that the message body is
  1421. accessible as a file using the FTP [RFC-959] or TFTP [RFC- 783]
  1422. protocols, respectively. For these access-types, the following
  1423. additional parameters are mandatory:
  1424. (1) NAME -- The name of the file that contains the actual
  1425. body data.
  1426. (2) SITE -- A machine from which the file may be obtained,
  1427. using the given protocol. This must be a fully
  1428. qualified domain name, not a nickname.
  1429. (3) Before any data are retrieved, using FTP, the user will
  1430. generally need to be asked to provide a login id and a
  1431. password for the machine named by the site parameter.
  1432. For security reasons, such an id and password are not
  1433. specified as content-type parameters, but must be
  1434. obtained from the user.
  1435. In addition, the following parameters are optional:
  1436. (1) DIRECTORY -- A directory from which the data named by
  1437. NAME should be retrieved.
  1438. (2) MODE -- A case-insensitive string indicating the mode
  1439. to be used when retrieving the information. The valid
  1440. values for access-type "TFTP" are "NETASCII", "OCTET",
  1441. and "MAIL", as specified by the TFTP protocol [RFC-
  1442. 783]. The valid values for access-type "FTP" are
  1443. "ASCII", "EBCDIC", "IMAGE", and "LOCALn" where "n" is a
  1444. decimal integer, typically 8. These correspond to the
  1445. representation types "A" "E" "I" and "L n" as specified
  1446. by the FTP protocol [RFC-959]. Note that "BINARY" and
  1447. "TENEX" are not valid values for MODE and that "OCTET"
  1448. or "IMAGE" or "LOCAL8" should be used instead. IF MODE
  1449. is not specified, the default value is "NETASCII" for
  1450. TFTP and "ASCII" otherwise.
  1451. Freed & Borenstein Standards Track [Page 35]
  1452. RFC 2046 Media Types November 1996
  1453. 5.2.3.3. The 'anon-ftp' Access-Type
  1454. The "anon-ftp" access-type is identical to the "ftp" access type,
  1455. except that the user need not be asked to provide a name and password
  1456. for the specified site. Instead, the ftp protocol will be used with
  1457. login "anonymous" and a password that corresponds to the user's mail
  1458. address.
  1459. 5.2.3.4. The 'local-file' Access-Type
  1460. An access-type of "local-file" indicates that the actual body is
  1461. accessible as a file on the local machine. Two additional parameters
  1462. are defined for this access type:
  1463. (1) NAME -- The name of the file that contains the actual
  1464. body data. This parameter is mandatory for the
  1465. "local-file" access-type.
  1466. (2) SITE -- A domain specifier for a machine or set of
  1467. machines that are known to have access to the data
  1468. file. This optional parameter is used to describe the
  1469. locality of reference for the data, that is, the site
  1470. or sites at which the file is expected to be visible.
  1471. Asterisks may be used for wildcard matching to a part
  1472. of a domain name, such as "*.bellcore.com", to indicate
  1473. a set of machines on which the data should be directly
  1474. visible, while a single asterisk may be used to
  1475. indicate a file that is expected to be universally
  1476. available, e.g., via a global file system.
  1477. 5.2.3.5. The 'mail-server' Access-Type
  1478. The "mail-server" access-type indicates that the actual body is
  1479. available from a mail server. Two additional parameters are defined
  1480. for this access-type:
  1481. (1) SERVER -- The addr-spec of the mail server from which
  1482. the actual body data can be obtained. This parameter
  1483. is mandatory for the "mail-server" access-type.
  1484. (2) SUBJECT -- The subject that is to be used in the mail
  1485. that is sent to obtain the data. Note that keying mail
  1486. servers on Subject lines is NOT recommended, but such
  1487. mail servers are known to exist. This is an optional
  1488. parameter.
  1489. Freed & Borenstein Standards Track [Page 36]
  1490. RFC 2046 Media Types November 1996
  1491. Because mail servers accept a variety of syntaxes, some of which is
  1492. multiline, the full command to be sent to a mail server is not
  1493. included as a parameter in the content-type header field. Instead,
  1494. it is provided as the "phantom body" when the media type is
  1495. "message/external-body" and the access-type is mail-server.
  1496. Note that MIME does not define a mail server syntax. Rather, it
  1497. allows the inclusion of arbitrary mail server commands in the phantom
  1498. body. Implementations must include the phantom body in the body of
  1499. the message it sends to the mail server address to retrieve the
  1500. relevant data.
  1501. Unlike other access-types, mail-server access is asynchronous and
  1502. will happen at an unpredictable time in the future. For this reason,
  1503. it is important that there be a mechanism by which the returned data
  1504. can be matched up with the original "message/external-body" entity.
  1505. MIME mail servers must use the same Content-ID field on the returned
  1506. message that was used in the original "message/external-body"
  1507. entities, to facilitate such matching.
  1508. 5.2.3.6. External-Body Security Issues
  1509. "Message/external-body" entities give rise to two important security
  1510. issues:
  1511. (1) Accessing data via a "message/external-body" reference
  1512. effectively results in the message recipient performing
  1513. an operation that was specified by the message
  1514. originator. It is therefore possible for the message
  1515. originator to trick a recipient into doing something
  1516. they would not have done otherwise. For example, an
  1517. originator could specify a action that attempts
  1518. retrieval of material that the recipient is not
  1519. authorized to obtain, causing the recipient to
  1520. unwittingly violate some security policy. For this
  1521. reason, user agents capable of resolving external
  1522. references must always take steps to describe the
  1523. action they are to take to the recipient and ask for
  1524. explicit permisssion prior to performing it.
  1525. The 'mail-server' access-type is particularly
  1526. vulnerable, in that it causes the recipient to send a
  1527. new message whose contents are specified by the
  1528. original message's originator. Given the potential for
  1529. abuse, any such request messages that are constructed
  1530. should contain a clear indication that they were
  1531. generated automatically (e.g. in a Comments: header
  1532. field) in an attempt to resolve a MIME
  1533. Freed & Borenstein Standards Track [Page 37]
  1534. RFC 2046 Media Types November 1996
  1535. "message/external-body" reference.
  1536. (2) MIME will sometimes be used in environments that
  1537. provide some guarantee of message integrity and
  1538. authenticity. If present, such guarantees may apply
  1539. only to the actual direct content of messages -- they
  1540. may or may not apply to data accessed through MIME's
  1541. "message/external-body" mechanism. In particular, it
  1542. may be possible to subvert certain access mechanisms
  1543. even when the messaging system itself is secure.
  1544. It should be noted that this problem exists either with
  1545. or without the availabilty of MIME mechanisms. A
  1546. casual reference to an FTP site containing a document
  1547. in the text of a secure message brings up similar
  1548. issues -- the only difference is that MIME provides for
  1549. automatic retrieval of such material, and users may
  1550. place unwarranted trust is such automatic retrieval
  1551. mechanisms.
  1552. 5.2.3.7. Examples and Further Explanations
  1553. When the external-body mechanism is used in conjunction with the
  1554. "multipart/alternative" media type it extends the functionality of
  1555. "multipart/alternative" to include the case where the same entity is
  1556. provided in the same format but via different accces mechanisms.
  1557. When this is done the originator of the message must order the parts
  1558. first in terms of preferred formats and then by preferred access
  1559. mechanisms. The recipient's viewer should then evaluate the list
  1560. both in terms of format and access mechanisms.
  1561. With the emerging possibility of very wide-area file systems, it
  1562. becomes very hard to know in advance the set of machines where a file
  1563. will and will not be accessible directly from the file system.
  1564. Therefore it may make sense to provide both a file name, to be tried
  1565. directly, and the name of one or more sites from which the file is
  1566. known to be accessible. An implementation can try to retrieve remote
  1567. files using FTP or any other protocol, using anonymous file retrieval
  1568. or prompting the user for the necessary name and password. If an
  1569. external body is accessible via multiple mechanisms, the sender may
  1570. include multiple entities of type "message/external-body" within the
  1571. body parts of an enclosing "multipart/alternative" entity.
  1572. However, the external-body mechanism is not intended to be limited to
  1573. file retrieval, as shown by the mail-server access-type. Beyond
  1574. this, one can imagine, for example, using a video server for external
  1575. references to video clips.
  1576. Freed & Borenstein Standards Track [Page 38]
  1577. RFC 2046 Media Types November 1996
  1578. The embedded message header fields which appear in the body of the
  1579. "message/external-body" data must be used to declare the media type
  1580. of the external body if it is anything other than plain US-ASCII
  1581. text, since the external body does not have a header section to
  1582. declare its type. Similarly, any Content-transfer-encoding other
  1583. than "7bit" must also be declared here. Thus a complete
  1584. "message/external-body" message, referring to an object in PostScript
  1585. format, might look like this:
  1586. From: Whomever
  1587. To: Someone
  1588. Date: Whenever
  1589. Subject: whatever
  1590. MIME-Version: 1.0
  1591. Message-ID: <id1@host.com>
  1592. Content-Type: multipart/alternative; boundary=42
  1593. Content-ID: <id001@guppylake.bellcore.com>
  1594. --42
  1595. Content-Type: message/external-body; name="BodyFormats.ps";
  1596. site="thumper.bellcore.com"; mode="image";
  1597. access-type=ANON-FTP; directory="pub";
  1598. expiration="Fri, 14 Jun 1991 19:13:14 -0400 (EDT)"
  1599. Content-type: application/postscript
  1600. Content-ID: <id42@guppylake.bellcore.com>
  1601. --42
  1602. Content-Type: message/external-body; access-type=local-file;
  1603. name="/u/nsb/writing/rfcs/RFC-MIME.ps";
  1604. site="thumper.bellcore.com";
  1605. expiration="Fri, 14 Jun 1991 19:13:14 -0400 (EDT)"
  1606. Content-type: application/postscript
  1607. Content-ID: <id42@guppylake.bellcore.com>
  1608. --42
  1609. Content-Type: message/external-body;
  1610. access-type=mail-server
  1611. server="listserv@bogus.bitnet";
  1612. expiration="Fri, 14 Jun 1991 19:13:14 -0400 (EDT)"
  1613. Content-type: application/postscript
  1614. Content-ID: <id42@guppylake.bellcore.com>
  1615. get RFC-MIME.DOC
  1616. --42--
  1617. Freed & Borenstein Standards Track [Page 39]
  1618. RFC 2046 Media Types November 1996
  1619. Note that in the above examples, the default Content-transfer-
  1620. encoding of "7bit" is assumed for the external postscript data.
  1621. Like the "message/partial" type, the "message/external-body" media
  1622. type is intended to be transparent, that is, to convey the data type
  1623. in the external body rather than to convey a message with a body of
  1624. that type. Thus the headers on the outer and inner parts must be
  1625. merged using the same rules as for "message/partial". In particular,
  1626. this means that the Content-type and Subject fields are overridden,
  1627. but the From field is preserved.
  1628. Note that since the external bodies are not transported along with
  1629. the external body reference, they need not conform to transport
  1630. limitations that apply to the reference itself. In particular,
  1631. Internet mail transports may impose 7bit and line length limits, but
  1632. these do not automatically apply to binary external body references.
  1633. Thus a Content-Transfer-Encoding is not generally necessary, though
  1634. it is permitted.
  1635. Note that the body of a message of type "message/external-body" is
  1636. governed by the basic syntax for an RFC 822 message. In particular,
  1637. anything before the first consecutive pair of CRLFs is header
  1638. information, while anything after it is body information, which is
  1639. ignored for most access-types.
  1640. 5.2.4. Other Message Subtypes
  1641. MIME implementations must in general treat unrecognized subtypes of
  1642. "message" as being equivalent to "application/octet-stream".
  1643. Future subtypes of "message" intended for use with email should be
  1644. restricted to "7bit" encoding. A type other than "message" should be
  1645. used if restriction to "7bit" is not possible.
  1646. 6. Experimental Media Type Values
  1647. A media type value beginning with the characters "X-" is a private
  1648. value, to be used by consenting systems by mutual agreement. Any
  1649. format without a rigorous and public definition must be named with an
  1650. "X-" prefix, and publicly specified values shall never begin with
  1651. "X-". (Older versions of the widely used Andrew system use the "X-
  1652. BE2" name, so new systems should probably choose a different name.)
  1653. In general, the use of "X-" top-level types is strongly discouraged.
  1654. Implementors should invent subtypes of the existing types whenever
  1655. possible. In many cases, a subtype of "application" will be more
  1656. appropriate than a new top-level type.
  1657. Freed & Borenstein Standards Track [Page 40]
  1658. RFC 2046 Media Types November 1996
  1659. 7. Summary
  1660. The five discrete media types provide provide a standardized
  1661. mechanism for tagging entities as "audio", "image", or several other
  1662. kinds of data. The composite "multipart" and "message" media types
  1663. allow mixing and hierarchical structuring of entities of different
  1664. types in a single message. A distinguished parameter syntax allows
  1665. further specification of data format details, particularly the
  1666. specification of alternate character sets. Additional optional
  1667. header fields provide mechanisms for certain extensions deemed
  1668. desirable by many implementors. Finally, a number of useful media
  1669. types are defined for general use by consenting user agents, notably
  1670. "message/partial" and "message/external-body".
  1671. 9. Security Considerations
  1672. Security issues are discussed in the context of the
  1673. "application/postscript" type, the "message/external-body" type, and
  1674. in RFC 2048. Implementors should pay special attention to the
  1675. security implications of any media types that can cause the remote
  1676. execution of any actions in the recipient's environment. In such
  1677. cases, the discussion of the "application/postscript" type may serve
  1678. as a model for considering other media types with remote execution
  1679. capabilities.
  1680. Freed & Borenstein Standards Track [Page 41]
  1681. RFC 2046 Media Types November 1996
  1682. 9. Authors' Addresses
  1683. For more information, the authors of this document are best contacted
  1684. via Internet mail:
  1685. Ned Freed
  1686. Innosoft International, Inc.
  1687. 1050 East Garvey Avenue South
  1688. West Covina, CA 91790
  1689. USA
  1690. Phone: +1 818 919 3600
  1691. Fax: +1 818 919 3614
  1692. EMail: ned@innosoft.com
  1693. Nathaniel S. Borenstein
  1694. First Virtual Holdings
  1695. 25 Washington Avenue
  1696. Morristown, NJ 07960
  1697. USA
  1698. Phone: +1 201 540 8967
  1699. Fax: +1 201 993 3032
  1700. EMail: nsb@nsb.fv.com
  1701. MIME is a result of the work of the Internet Engineering Task Force
  1702. Working Group on RFC 822 Extensions. The chairman of that group,
  1703. Greg Vaudreuil, may be reached at:
  1704. Gregory M. Vaudreuil
  1705. Octel Network Services
  1706. 17080 Dallas Parkway
  1707. Dallas, TX 75248-1905
  1708. USA
  1709. EMail: Greg.Vaudreuil@Octel.Com
  1710. Freed & Borenstein Standards Track [Page 42]
  1711. RFC 2046 Media Types November 1996
  1712. Appendix A -- Collected Grammar
  1713. This appendix contains the complete BNF grammar for all the syntax
  1714. specified by this document.
  1715. By itself, however, this grammar is incomplete. It refers by name to
  1716. several syntax rules that are defined by RFC 822. Rather than
  1717. reproduce those definitions here, and risk unintentional differences
  1718. between the two, this document simply refers the reader to RFC 822
  1719. for the remaining definitions. Wherever a term is undefined, it
  1720. refers to the RFC 822 definition.
  1721. boundary := 0*69<bchars> bcharsnospace
  1722. bchars := bcharsnospace / " "
  1723. bcharsnospace := DIGIT / ALPHA / "'" / "(" / ")" /
  1724. "+" / "_" / "," / "-" / "." /
  1725. "/" / ":" / "=" / "?"
  1726. body-part := <"message" as defined in RFC 822, with all
  1727. header fields optional, not starting with the
  1728. specified dash-boundary, and with the
  1729. delimiter not occurring anywhere in the
  1730. body part. Note that the semantics of a
  1731. part differ from the semantics of a message,
  1732. as described in the text.>
  1733. close-delimiter := delimiter "--"
  1734. dash-boundary := "--" boundary
  1735. ; boundary taken from the value of
  1736. ; boundary parameter of the
  1737. ; Content-Type field.
  1738. delimiter := CRLF dash-boundary
  1739. discard-text := *(*text CRLF)
  1740. ; May be ignored or discarded.
  1741. encapsulation := delimiter transport-padding
  1742. CRLF body-part
  1743. epilogue := discard-text
  1744. multipart-body := [preamble CRLF]
  1745. dash-boundary transport-padding CRLF
  1746. body-part *encapsulation
  1747. Freed & Borenstein Standards Track [Page 43]
  1748. RFC 2046 Media Types November 1996
  1749. close-delimiter transport-padding
  1750. [CRLF epilogue]
  1751. preamble := discard-text
  1752. transport-padding := *LWSP-char
  1753. ; Composers MUST NOT generate
  1754. ; non-zero length transport
  1755. ; padding, but receivers MUST
  1756. ; be able to handle padding
  1757. ; added by message transports.
  1758. Freed & Borenstein Standards Track [Page 44]