comment and version fields.

Ingo Klöcker kloecker at
Mon Apr 2 23:07:14 CEST 2007

On Monday 02 April 2007 17:34, Werner Koch wrote:
> On Mon,  2 Apr 2007 17:15, randux at said:
> > No, you're misunderstanding me. I'm not concerned with the
> > technical user who posts a question to a news list and understands
> > the issue. I'm wondering about the non-technical (business) user
> > who gets a plug-in for his email client and then misinterprets a
> > modified signature block that someone tampered with.
> Proper MUAs clearly mark the signed part(s) of a message.  For
> instance, checkout KMail (or Gnus).

Moreover, at least in KMail the comment and version headers are not even 
shown to the user. So there's no way the user could be lead into 
thinking they belonged to the signed text/data.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : /pipermail/attachments/20070402/2086c033/attachment.pgp 

More information about the Gnupg-users mailing list