GPG support in Mahogany

David Shaw dshaw@jabberwocky.com
Wed Dec 11 03:24:01 2002


On Wed, Dec 11, 2002 at 01:45:53AM +0100, Ingo Kl=F6cker wrote:
Content-Description: signed data
> On Tuesday 10 December 2002 17:21, Xavier Nodet wrote:
> > I have signed this message twice. I could have encrypted it between
> > the two signature, no?
>=20
> Yes. You could have done this. But please refrain from making this=20
> possible with Mahogany. The reason is that probably no other email=20
> client will be able to grok such a message. Especially since=20
> clearsigning and inline encrypting have been obsoleted long ago by=20
> PGP/MIME you shouldn't do more than the absolute necessary, i. e. add=20
> support for verifying and decrypting clearsigned/inline encrypted=20
> messages but not for creating such messages. Instead you should=20
> concentrate on fully supporting OpenPGP (which means PGP/MIME) since=20
> this is _the_ standard.

Oh no, don't do that.  Even if PGP/MIME is better in every single
detail than plain inline messages, there is one crucial factor: plain
inline messages are supported in every mail client back to (and
including) /bin/mail.  Even this many years after its creation,
PGP/MIME is still only supported in a very few clients.

Inline can be trivially scripted ("gpg --clearsign ... | mail"), and
PGP/MIME can't.  Inline doesn't blow up when run through an archiver,
and PGP/MIME usually does.  Even mutt, which for years was PGP/MIME
only finally got inline support as well.  I don't see that as a step
backwards.

Perhaps the whole world will be PGP/MIME someday, and I'm sure that
will be wonderful as PGP/MIME handles many important things that
inline can't (like non US-ASCII character sets), but it's not time to
stop supporting inline yet.

Some discussion on this topic:

  http://www.imc.org/ietf-openpgp/mail-archive/msg03786.html

David

--=20
   David Shaw  |  dshaw@jabberwocky.com  |  WWW http://www.jabberwocky.co=
m/
+------------------------------------------------------------------------=
---+
   "There are two major products that come out of Berkeley: LSD and UNIX.
      We don't believe this to be a coincidence." - Jeremy S. Anderson