Bad signature (was: Re: GPG support in Mahogany)

Jeffrey Stedfast fejj@ximian.com
Sat Dec 14 19:34:02 2002


> Evolution's developers have admitted that if PGP/MIME messages are
> generated to RFC2015, the sig will fail to verify.  However the

not necessarily, but it is possible that we will fail in that case, yes.

> majority of MUAs don't support PGP/MIME and where they do, the vast
> majority support only RFC2015 not the later RFC3156.  This means the

Since Mutt implements rfc3156 (which has quite possibly the largest
userbase for people actually interested in signing their messages), we
decided it was better for us to support rfc3156 rather than the older
rfc2015 like we did in Evolution 1.0.x

Although, if you want to, you should be able to modify Evolution sources
to conform to rfc2015 instead of rfc3156 by removing just a few lines of
code (the code that adds an additional stream filter to chomp excess
whitespace).

Out of curiosity, what clients support rfc2015 but not rfc3156?

> majority of messages generated by PGP/MIME will have a sig that fails
> to verify in Evolution.......

>From my experiences, I have to disagree. We can verify anything that
Mutt can verify afaict.

Jeff

-- 
Jeffrey Stedfast
Evolution Hacker - Ximian, Inc.
fejj@ximian.com  - www.ximian.com