MUA questions

Atom 'Smasher' atom-gpg at suspicious.org
Wed Feb 4 22:45:26 CET 2004 

> > which one is considered to be supported most widely [in mail
> > clients]?
>
> I don't even think it's a question, inline is more widely supported.
> That's unfortunate, as PGP/MIME has the advantage of being defined in
> an RFC and can properly deal with all types of mail messages and
> formats, whereas inline breaks pretty quickly when you feed it much
> more than plain old ASCII.  Inline also doesn't do anything for your
> attachments, making your job harder if you want to sign and encrypt a
> message to a friend and include an attachment.
=========================

the body of an email should really only contain plain-old ascii.

for signing attachments, i would either:
 a) attach a signature for each attachment
	(doubling the number of attachments)
 b) specify the hash of any attachments in the body, and sign the body

i prefer the latter.


> > similarly, do any mail clients have a problem with an encrypted
> > message body?
>
> If you mean an inline encrypted message body, then yes, Evolution
> doesn't handle that.  Perhaps it's not really best described as having
> a problem with it, it will display the encrypted message for you just
> fine, it just won't help you decrypt it.  I'm guessing you're more
> curious to know if any MUA's break or otherwise act badly when they
> encounter such messages.  I'm sure there are some, but I've not used
> any such MUA's.
=========================

i'm also curious which clients make it easy/hard to decrypt/verify a
message sent in a particular way, not just whether or not they crash.


> > sometimes i get an empty body with an encrypted attachment... i find
> > it rather annoying and inconvenient.
>
> I would think it would be.  What MUA are you using that does this and
> what type of messages do this, inline or PGP/MIME?  Just curious, as
> it might help me to avoid sending the wrong kind of message to someone
> in the future.  It might also just be a problem with the sender's
> config.
==========================

i'm a fan of pine, although it has no native support at all for PGP. there
are some "plug-in" scripts that make it very nice though, as long as
everything is in-line. attachments have to be saved to a file and then
dealt with manually...

decryption and verification can be done 100% auto-pilot, as long as
everything is in the message body.

encryption and signing can be done with 1-2 extra keystrokes (not counting
a password!) or one of them can be configured to be the default way of
sending mail.


i have to admit that i did get a chuckle out of the outhouse reference...
anything that berates M$ is fine with me.


	...atom

 _______________________________________________
 PGP key - http://smasher.suspicious.org/pgp.txt
 3EBE 2810 30AE 601D 54B2 4A90 9C28 0BBF 3D7D 41E3
 -------------------------------------------------

	"Politics is the art of preventing people from taking part
	 in affairs which properly concern them."
		-- Paul Valery

More information about the Gnupg-users mailing list