Vs Combined Method? E+S from RFC 3156 6.2
marcus.brinkmann at ruhr-uni-bochum.de
Mon May 19 16:55:37 CEST 2008
At Thu, 15 May 2008 14:16:09 +0200,
Bernhard Reiter wrote:
> Hi Marcus,
> On Thursday 15 May 2008 13:20, Marcus Brinkmann wrote:
> > At Tue, 29 Apr 2008 14:14:45 +0200,
> > Bernhard Reiter wrote:
> > > Given the enhanced compatibility, why not do combined method whenever you
> > > can, just getting the compatibility advantage?
> > Compatibility with what?
> The RFC from August 2001 says "to increase compatibility
> with non-MIME implementations of OpenPGP".
I was hoping for some specific applications that are in use today.
> Sure, so you are basically saying: The argument from 2001 is obsolete.
I am not saying that, I am just suggesting that, after evaluation, it
might be such a case, depending on how important compatibility is in
the real world.
> On the other hand, to ease the implementation, shouldn't we then push
> for the removal of the combined method requirement?
> At least make it mandadory in new implementation to not create
> new combined method emails?
I think that, if this is such a case, then that would be a sensible
> > So, the question is, are there significant MUAs that support only
> > combined mode?
> As for non-MIME MUAs, I think Outlook is significant.
> (Being one of the developers of Gpg4win, you know that until recently
> it could not do MIME OpenPGP. And that Outlook itself it not fully
> MIME compliant, e.g. it does not display the text part of a multipart/signed
> email, though it MUST according to MIME standards.)
Oh well, that may be a millstone around our neck for the time being.
> There will be others out there as well, e.g. on older unix machines
> which did not update software very often.
Not really what you are looking for, but: Somehow I question the
wisdom of relying on security software on such systems...
More information about the Gnupg-devel