Vs Combined Method? E+S from RFC 3156 6.2

Werner Koch wk at gnupg.org
Mon Dec 15 17:53:06 CET 2008

On Mon, 15 Dec 2008 17:39, bernhard at intevation.de said:
> Am Montag, 15. Dezember 2008 11:53:10 schrieb Werner Koch:
>> On Mon, 15 Dec 2008 10:12, bernhard at intevation.de said:
>> > would be more and more important, because in the last month alone I've
>> > got email claimed to be from the following email application that are
>> > using the combined method (and text mode), which again I assume Werner
>> > dislikes:
>> It is merely that I suggest to use the standard method as per rfc3156.
> The combined method _is_ a standard method of rfc3156
> as it lists both methods. Where do you read out a preference of any of them?

RFC 3156 has to say this in section 6.2: 

   [...] This method is allowed
   in order to reduce processing overhead and increase compatibility
   with non-MIME implementations of OpenPGP.  [...]

and a few lines later:

   It is explicitly allowed for an agent to decrypt a combined message
   and rewrite it as a multipart/signed object using the signature data
   embedded in the encrypted version.

To me this is clearly a preference towards the standard (non-combined)



Die Gedanken sind frei.  Auschnahme regelt ein Bundeschgesetz.

More information about the Gnupg-devel mailing list