[Announce] Multiple Messages Problem in GnuPG and GPGME

Patrick Brunschwig patrick at mozilla-enigmail.org
Wed Mar 7 08:51:47 CET 2007 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Alan Batie wrote:
> Werner Koch wrote:
>> The correct way to use gpg with redirection is
>> by taking care of the status interface:
>>
>>   $ gpg --status-fd 1 <forged.gpg
>>   [GNUPG:] PLAINTEXT 62 1172479053 foobar.txt
>>   [GNUPG:] PLAINTEXT_LENGTH 36
>>   This is my sneaky plaintext message
>>   [GNUPG:] PLAINTEXT 62 1172480224 original-signed-message
>>   [GNUPG:] PLAINTEXT_LENGTH 86
>>   Either I'm dead or my watch has stopped.
>>                   -- Groucho Marx's last words
>>   gpg: Signature made Mon Feb 26 09:57:04 2007 CET using DSA key ID 68697734
>>   [GNUPG:] SIG_ID UncMPBJYgbG/uszJVNKoCAz+hvY 2007-02-26 1172480224
>>   [GNUPG:] GOODSIG 2D727CC768697734 Alfa Test (demo key) <alfa at example.net>
>>   gpg: Good signature from "Alfa Test (demo key) <alfa at example.net>"
>>   [...]
>>
>> Here the PLAINTEXT status lines clearly identify the start of a new
>> message.
> 
> "clearly"?  Only to a gnupg developer would this be "clearly".  Granted,
> for the most part, the only people using pgp probably can interpret
> this, but if you ever want non-techies to have any hope of using it,
> this needs major improvement.  And I suspect even most technical people
> would prefer something more readable...  How about:
> 
> $ gpg < forged.gpg
> [GNUPG SEGMENT 1:] foobar.txt
> ---
> This is my sneaky plaintext message
> ---
> [GNUPG STATUS 1:] UNTRUSTED (unsigned, possibly forged)
> ===
> [GNUPG SEGMENT 2:] original-signed-message
> ---
> Either I'm dead or my watch has stopped.
>                 -- Groucho Marx's last words
> ---
[...]

The --status-fd interface is defined and in use for quite a while, you
cannot just change the core of it without breaking dozens of
applications. I agree that a some improvements here and there would be
possible, but it definitely serves the purpose.

The problem is more that the usage of multiple PLAINTEXT parts --
especially the fact that there can be multiple parts -- doesn't seem to
be documented well enough. I.e. I think that some explicit mentioning in
the DETAILS document would help much more than changing the interface in
any way (which would still mean that it would need to be documented!).

- -Patrick
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iQEVAwUBRe5vEHcOpHodsOiwAQIiHgf+NgilEP+GUP4k1WBq3nFVMIZW1DB4bczZ
/ylfRJCXz9zuEKOLCkLK3kNN1z5+J5/IHcPX+/BQ2dJzpvEpSTjeTRvs7/czEGlH
Bhaq+fNQMGJYwgcq9iNpKN81budQBBeUkTdJ7jiA51s9WvAxlbhoSQEZdg9Cr/Fc
T9glBtHkcXKQji3NzuA8K4odoXHxGZKzRwhYCUMR0dPnrIL4Pkv4TJvaJ+C0gtvd
t21YfSFD8mhSVVqIlo6/TTbXv6ytb4lGyfLr1Uhq/WrdLWWYLRUFp+GtXl0RhVMZ
nbUUqq9gr6+wWsTRRj/E9d5hleIsGKuDfD2f5pnSpowU/WAXL0URAw==
=uIbF
-----END PGP SIGNATURE-----

More information about the Gnupg-devel mailing list