Security bug in mail plugins
Werner Koch
wk at gnupg.org
Wed Jun 28 12:26:28 CEST 2006
On Wed, 28 Jun 2006 10:41, Nicholas Cole said:
> on OS X. If part of a message is a signed gpg/mime
> message, the user is shown a display which gives an
> impression that there is a valid signature for all of
> the message and no warning that part of the message is
> not signed.
Well known problem with older MUAs.
> How do other mail clients deal with this issue? And
Gnus shows special markers to indicate what is signed and what
no. Kmail puts colored frames around the signed and verified parts of
the mail.
> what is the correct approach? Is there anything that
> can be done at the gpgme level to deal with this kind
GPGME does now nown about MIME or mail protocols in general. It needs
to be implemented in the MUA.
Shalom-Salam,
Werner
More information about the Gnupg-devel
mailing list