Arguments for inline PGP

Michael Daigle list-gnupg at mikedaigle.ca
Tue Aug 9 18:38:02 CEST 2005 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: RIPEMD160

In reply to Greg Sabino Mullane's message sent 2005-08-09 11:26:

>>>> * My email has a much better chance of reaching people whose 
>>>> systems bounce (or discard!) attachments.
> 
>>> Are there really a lot of such systems?  I've encountered very
>>> few that bounce messages with attachments, and if they discard
>>> attachments then your message is still intact, just unsigned.
> 
> I should have said "whose systems bounce (or discard!) emails with 
> attachments."

> I'm not arguing giving up MIME at all - there are situations where it
> is indispensable, and I even use it on some occasions. But I did want
> to counter the "inline is evil and should never ever be used by
> anyone" argument. :)

I couldn't agree more, Greg.

I primarily use inlined PGP because I'm tired of having my S/MIME signed
mail bounced back to me as undeliverable because "pkcs7 signature is
listed as a dangerous attachment on this server". What's so dangerous
about a S/MIME signature?! Apparently, it's the same danger that's
present in a PGP/MIME message - mail server admin stupidity.

It's unfortunate, but it's prevalent - and that's why inlined PGP is a
good thing. We can still retain message authentication despite the
goof-ball between us and the recipient.

Of course PGP/MIME is "superior" to inlined messages. I don't think any
of us would deny that. It's just a sad fact that it remains not well
supported by many popular MUA's, and that is further complicated by mail
server admin fear of just about any kind of attachment.

Those who don't exchange mail with commercial enterprises probably don't
suffer this fate. I don't think I've ever had a problem sending any MIME
message to any residential recipient. It's businesses I have trouble
sending to.


- --
Mike Daigle                                   http://www.mikedaigle.ca
My PGP Key                                 mailto:pgpkey at mikedaigle.ca
Gossamer Spider Web of Trust                      http://www.gswot.org

-----BEGIN PGP SIGNATURE-----
Comment: GSWoT - Gossamer Spider Web of Trust - www.gswot.org

iD8DBQFC+NvpNuccKlqTLlMRA7lyAJ9cRjBF+C+IKGUNMdUFv+LYDUw9XACfQxun
FzBXmDYQd/8FvuF1FDhWL4U=
=Dqqr
-----END PGP SIGNATURE-----

More information about the Gnupg-users mailing list