Virus-checking software flagging GNUpg signatures?

Simon Josefsson jas@extundo.com
Fri Jan 18 00:08:02 2002


Werner Koch <wk@gnupg.org> writes:

> On Thu, 17 Jan 2002 04:22:31 -0800, George Schoelles said:
>
>> If you could name the attached signature it might help.  Most 
>> Windows users  would be rightfully weary of "Attachment: 1". 
>> Else, do a plain text  signature for easy, unquestionable 
>> viewing.
>
> Great, the IETF steps back from working protocols to fix the 
> buggy software of one vendor.  I can image a lot of other 
> protocols we should then change.  Eventually RFC 1149 [1] will 
> be used as the only allowed transport protocol.

Another "practical" problem with PGP/MIME is that MIME headers is 
sometimes changed in transit or by mail servers which breaks the 
signature.  The "Outlook plugin" approach to PGP and MIME works 
better in the real world, I'm sorry to say.  (That approach being 
to encode the message with text/plain, application/pdf etc MIME 
tags and then simply replace each MIME part body with PGP blobs.)