[fwd] Re: PGP/MIME implementors: text mode vs. binary mode? (from: hal@finney.org)

Thomas Roessler roessler at does-not-exist.org
Wed Feb 14 23:22:07 CET 2001

On 2001-02-14 15:35:30 -0600, JP Sugarbroad wrote:

>> I can't help thinking that the distinction between text and
>> binary mode is not that useful in solving this problem.  Let's
>> not get hung up on the specification incompatibility between
>> PGP 2.X and OpenPGP.

> Bah. PGP/MIME is a broken standard anyway. Signing post-CTE data is
> simply ASKING for problems.

Not at all.

More precisely, PGP/MIME helps to address several ugly problems you
normally have with detached signatures:

- PGP/MIME includes MIME headers with the signature, thereby
  indicating how the signed data should be interpreted.  This can be
  crucial - remember all these nice "is valid in N+1 formats" files?
  (For instance, you could do interesting things with XPMs.)

- By signing post-CTE, you have something signed which has been
  translated to some well-defined format before.  Now, just look
  what happens when you mix character set conversions with cleartext

- PGP/MIME signed messages can be read by MIME-aware, but
  PGP-unaware clients, with the same results as far as the signed
  data are concerned.  I have yet to see any other signature scheme
  which has this property.
Most likely, I'm missing other benefits right now.

Thomas Roessler			    <roessler at does-not-exist.org>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 475 bytes
Desc: not available
Url : /pipermail/attachments/20010214/f8241612/attachment.bin

More information about the Gnupg-devel mailing list