Mutt/GnuPG doc initial release

Len Sassaman
Mon Sep 24 06:56:01 2001

>From the document:
"The outdated standard for making attached signatures was to paste it at the bottom of the message, but the new standard involves an actual MIME attachment to the message. Regardless, Mutt can verify either style." This is not correct. The only people who refer to the inline ASCII-armored signatures as "outdated" are the Mutt developers. Read the RFCs. Frankly, it's poor netiquette to post PGP/MIME messages to mailing lists, for one, and secondly, most mail clients cannot understand them. Signing your messages in a way that renders the signature useless for most PGP users serves no purpose whatsoever. Inline ASCII-armoring is the standard method for signing email. It is also the only method directly specified in RFC 2440. An important part of any GnuPG/Mutt FAQ would be instructions on how to configure Mutt to make compatible OpenPGP signatures in the traditional method. (No, this does not mean the broken Application/PGP method that Mutt offers!) (This is not to say I don't recognise the value of PGP/MIME (and the new OpenPGP/MIME.) But crypto is worthless if it doesn't interoperate. When the majority of PGP-aware mail apps can understand PGP/MIME, then I'll advocate switching for non-mailing list email.) --Len. On Mon, 24 Sep 2001, Justin R. Miller wrote:
> Hello,
> Several weeks ago you may remember that I posted a preview of a document
> that I had been working on concerning teaching how to get Mutt and GnuPG
> to work nicely together and how to understand basic use of GnuPG. I
> received a good amount of feedback, and I have tried to incorporate that
> into the first version. You may find it here:
> I have just put an announcement into the queue as well, so
> it should reach a larger audience as well. Please give me any feedback
> that you might have.
> Thanks!
> --
> | Justin R. Miller / / 0xC9C40C31
> | Of all the things I've lost, I miss my pants the most.
> ----------------------------------------------------------
-- Len Sassaman Security Architect | "I must play their game, of Technology Consultant | not seeing I see the game." | | --R .D. Laing