RFCs, standards, pink bunnies and flower patterns

Werner Koch wk at gnupg.org
Wed Oct 18 09:48:37 CEST 2006


I have not followed the discussion, so just a short comment.

On Tue, 17 Oct 2006 23:31, Cary Wagner said:

> supporting the HTML email format.  The bottom line is CAN GPG and others be
> made to play nicely with HTML.

gpg is unaware of the content. Thus you can sign or encrypt whatever
you like.  For signing or encrypting HTML mails, PGP/MIME (rfc3156) is
the way to go.  Both, PGP/MIME and S/MIME are based on the rfc1847 and
allow to process arbitrary MIME objects. Some mailers fully support
this (iirc: Mutt, KMail, Sylpheed, ... )

Whether external bodys and such are handled in a sensitive way is a
matter of the mailer.  Even without encryption or signing references
to external data proses a privacy problem because reading a mail can
be tracked by the sender.  Good mailers should ask whether such
external references should be inlines and also warn if they are part
of a signature.  It is not an OpenPGP specific problem.  S/MIME has
exactly the same properties.



More information about the Gnupg-users mailing list