Evolution signatures

Neil Williams linux@codehelp.co.uk
Wed Aug 6 19:31:02 2003 

--Boundary-02=_mvTM/0LdCbRT3AQ
Content-Type: text/plain;
  charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
Content-Description: signed data
Content-Disposition: inline

On Wednesday 06 Aug 2003 11:17 am, Adrian von Bidder wrote:
> On Wednesday 06 August 2003 10:33, Ben Finney wrote:
> >   - If the From: header changes, you can check it against the UIDs for
> >     the signing key.  Signing the From: header doesn't gain anything.
>
> Hmm. Ok, so probably MUA implementors should warn if From: header does not
> match a uid, or should not display from: at all but just the uid(s) of the
> signing key.

Why? The email client already displays the details of the primary UID as pa=
rt=20
of the good (or bad) verification, as long as the public key is available.=
=20
You don't have to take any notice of From:

> >   - If the Subject: header changes, it should affect the context of the
> >     message at all.  If it does, your correspondents are misusing the
> >     Subject: header.  It's supposed to be a summary indication of the
> >     contents, not an integral part of them.
>
> There's a huge difference on how it should be and how it is.... There are
> many people using the Subject to convey essential information. (People
> often don't see why they should type (part of) their message twice - so
> they either leave the subject empty or don't repeat in the body what is
> already in the Subject.)
>
> Yes, it's bad. But I doubt any attempt to educate users will be successfu=
l.

Not true. Why make this part of GnuPG when the 'problem' is clearly user=20
related? I don't have any experience of what you described as 'often' - bla=
nk=20
subject lines are just plain rude (make scanning an inbox for important mai=
l=20
from new correspondents more difficult) and users who do this should simply=
=20
be told to mend their ways.

If someone doesn't repeat the 'vital' information contained in the subject=
=20
line within the signed message, disregard it and then ask them why.

=2D-=20

Neil Williams
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
http://www.codehelp.co.uk
http://www.dclug.org.uk

http://www.biglumber.com/x/web?sn=3DNeil+Williams


--Boundary-02=_mvTM/0LdCbRT3AQ
Content-Type: application/pgp-signature
Content-Description: signature

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iD8DBQA/MTvmiAEJSii8s+MRAvqSAJ4m/ayu6NPhF3K06+ucTSh9Mh+RUACdFXF/
6M8VyPL5Yb2W4PHEIrfYrwo=
=usNe
-----END PGP SIGNATURE-----

--Boundary-02=_mvTM/0LdCbRT3AQ--