RFCs, standards, pink bunnies and flower patterns was -- Re: GPG Outlook Plug-In and Signatures

[Nicholas Cole]

> Of course that it doesn't mean that HTML should be
> banished completely
> from the 'lectronic mail world, but it has its
> essential limitations as
> for the cryptographic routines.

Mica,

Thank you for your email.  It made me reflect.  I had
been ignoring this discussion.  HTML emails are here
to stay, and may users of the internet rely on them. 
Indeed, text only emails can look horrid on many
Outlook setups, a fact I was long unaware of since I
haven't used it in about 7 years.

It's hard enough getting people to use encrypted email
as it is - telling them they can't use what is to many
people a very standard tool doesn't seem to me a good
way forward.

It seemed to me that PGP/MIME provides an excellent
way to handle HTML email.  But your email did make me
think about that a bit more.  Obviously, its ability
to load external images might make the signature in
practice meaningless (though the signature on the
source code would still be correct, which makes it an
interesting philosophical point).  Is there anything
else about an HTML email that raises a red flag from a
security point of view?

Best,

N.

Send instant messages to your online friends http://uk.messenger.yahoo.com