combination of text-mode signature (by mutt?) and gpg >= 1.4.8 introduces interoperability problem
Bernhard Reiter
bernhard at intevation.de
Wed Jul 9 09:51:04 CEST 2008
Am Dienstag, 8. Juli 2008 19:26:32 schrieb David Shaw:
> On Tue, Jul 08, 2008 at 04:52:19PM +0200, Bernhard Reiter wrote:
> > Note that you would need to have an attachment in, that already
> > has trailing spaces to some lines. Maybe it must be a message/rfc822
> > attachment, I did not verify yet.
>
> This is interesting, as OpenPGP/MIME requires trailing spaces to be
> quoted. ("any trailing whitespace MUST then be removed from the
> signed material.") That would imply that mutt isn't generating the
> OpenPGP/MIME message properly. I suppose that is possible, but it
> seems odd as Mutt has always been rigorous about following the
> OpenPGP/MIME spec to the letter.
Hmm, thinking more about this, mutt forwarded a message by
which already was signed by Gnus, looking at it again I can
see that only the header lines of the forwarded message in two cases
have one trailing space. Those are X-Spam: and X-Attachments:, so maybe
something in the email transport introduces those spaces unnecessarily.
After all it might be a mutt problem that it does not strip those trailing
spaces. Stripping those spaces would require some more involved algorithm,
so maybe issuing a strong warning would be more appropriate.
Note that mutt cannot just encode this body part because it is
message/rfc822.
> Have you seen this:
> http://lists.gnupg.org/pipermail/gnupg-users/2005-January/024408.html
>
> Can you ask the sender to perform the test suggested on that page?
> Specifically:
>
> An easy way to tell if your particular mail program correctly
> implements PGP/MIME signing is to set --no-rfc2440-text, and send
> yourself a signed message that has a number of blank spaces at the
> end of a line. Then, set --rfc2440-text and attempt to verify the
> signature. If the signature does not verify correctly, you may
> wish to contact the developer of your mail program for an update.
>
> In this case, of course, have the sender construct the same sort of
> message as before (message/rfc822 attachment, etc).
This sounds easier then trying to create test message,
thanks for the hint.
Bernhard
--
Managing Director - Owner: www.intevation.net (Free Software Company)
Germany Coordinator: fsfeurope.org. Coordinator: www.Kolab-Konsortium.com.
Intevation GmbH, Osnabrück, DE; Amtsgericht Osnabrück, HRB 18998
Geschäftsführer Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 1603 bytes
Desc: not available
URL: </pipermail/attachments/20080709/15f74df4/attachment.bin>
More information about the Gnupg-devel
mailing list