Save signature in mail headers

Michael Daigle list-gnupg at mikedaigle.ca
Sat Aug 6 02:42:01 CEST 2005


-----BEGIN PGP SIGNED MESSAGE-----
Hash: RIPEMD160

In reply to David Srbecky's message sent 2005-08-05 17:43:

> I would like to sign all my mail, but I do not want to annoy people that
> have incompatible e-mail clients with extra attachment file or signature
> in the text of the message.
> 
> Is it possible to send the signature in mail headers?

It's possible to engineer a MUA to do that, but there's no use without a
recipient who has the same magic box :-(

DomainKeys and similar schemes can authenticate you as a sender from a
particular network, but not specifically from your email address, nor
can they provide message authentication.

You're stuck with the standards if you want to communicate with others
using PKCS. If you want to make sure your message can be authenticated,
you'd best choose non-opaque ("clear") signing whether OpenPGP or
S/MIME. This way, you don't force the recipient to possess your public
key in order to read your message, or suffer other consequences should
their MUA lack support for your message type. If they want or have a
need to authenticate your message, they'll request your public key.


- --
Mike Daigle                                   http://www.mikedaigle.ca
My PGP Key                                 mailto:pgpkey at mikedaigle.ca
Gossamer Spider Web of Trust                      http://www.gswot.org
Get Your Own Subdomain!                  http://www.gswot.org/yourname

-----BEGIN PGP SIGNATURE-----
Comment: GSWoT - Gossamer Spider Web of Trust - www.gswot.org

iD8DBQFC9AdWNuccKlqTLlMRA2XgAJ4n5pBJIEaOhUuZPGY3ElQCKuapcACfTqHY
tIm40GMriqbBRU814120Q60=
=PkeT
-----END PGP SIGNATURE-----



More information about the Gnupg-users mailing list