Saving a gpg signed message as plain text from Evolution?

Henry Hertz Hobbit hhhobbit at securemecca.net
Wed Mar 21 22:49:07 CET 2007 

On Wed, 2007-03-21 at 00:39:04 -0100,<George.Shaffer at comcast.net>
wrote:

> Message: 8
> Date: Wed, 21 Mar 2007 00:39:04 -0400
> From: George Shaffer <George.Shaffer at comcast.net>
> Subject: Saving a gpg signed message as plain text from Evolution?
> To: gnupg-users at gnupg.org
> Message-ID: <1174451943.1822.236.camel at localhost.localdomain>
> Content-Type: text/plain
> 
> I've searched the archives and have found messages somewhat related to
> this, but nothing that actually helps. I'm using Evolution 1.4.5; it's
> old and I'd love to upgrade everything but that is not an option at this
> time.

What OS is this on?

> In the past I've saved what I gather are called in line signatures to a
> file and verified them with no problem. It never occurred to me that
> saving the multi part messages that Evolution creates when you sign one
> of your own messages would be a problem. The multi part messages are
> convenient, but if the only place that you can verify a specific message
> from is the email client that it was sent from (and the original
> recipient), it defeats a major purpose of digital signatures: proof of
> who sent it and that the message is unchanged. 
> 
> In a legal dispute the sender would look like a fool if he claimed it
> verified in the email program on his PC, but could not get it to verify
> anywhere else. The only other person who could verify the message, would
> be the person least likely to have any desire to assist.
> 
> I've spent hours trying to get a signed message out of the sent folder
> of Evolution. Using a message with an in line signature as an example
> and gpg error messages, I've gotten to the point that gpg will try to
> verify it but it always verifies bad. 
> 
> That is not surprising since Evolution breaks very long URLs into 2 or
> three lines, converts copyright symbols to =C2=A9, adds =20 here and
> there (I think blanks at the end of a line), adds returns (^M) at the
> end of every line in the message area. Something I saw suggested this
> was part of the standard? I've fixed everything I could find and tried
> it with and without the returns and with and without spaces for =20 and
> all verify bad.
> 
> Is there anything that I can do to get a signed email out of Evolution
> 1.4.5 as verifiable plain text. It's pretty important and any assistance
> would be much appreciated. I'm willing to do just about anything,
> include resend it to someone who has a client that will save it in a way
> that it can be verified. Privacy is not a concern, as I plan to post
> this email to my web site. But the second sentence says "Please note
> that this is a digitally signed document, and legal notice . . ." and it
> will look pretty dumb if I have to explain why it won't verify.
> 
> In the future, I will prepare and sign important documents outside of
> Evolution, and paste them in when they're ready, if I can't find
> something better.
> 
> George Shaffer
> -- 
> For my GnuPG key ID and fingerprint see http://geodsoft.com/about/

I think you are mistaken on several things.

1. Evolution does NOT use in-line. It has always used OpenPGP/MIME
and always will.  It doesn't even have the capacity to handle in-line.
At least it has been that way with every version that I have used.

2. The standard for mailing is to add ^Ms  at the end of every line for
   transmission.

3. The instant you change ONE character in the body it will never vary.

4. I will look at the sent folder, but I have learned to either Cc:
   or Bcc: myself.  In fact, I have it set to do BOTH, and delete
   the one I don't want to use manually.  I don't trust the sent
   folder because I don't think it signs the messages properly there.

5. I am using Evolution on 2.0.4 on Fedora Core 3 Linux (I was going to
   recently update to FC6 and the install failed on a trial machine).
   This message is signed.  My Key ID is 5BA96FAC.  The key is on the
   servers, but it's fingerprint and the checksum of the file with the
   key in it I will send to you is:

   9D55 B232 80B0 D623 E1A1  EECC AF74 19BF 5BA9 6FAC
   91df314d349879384b36e70905f9d3d9cdeb5675
   hhhobbit_at_securemecca.net.asc

HHH

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : /pipermail/attachments/20070321/7844a75b/attachment.pgp

More information about the Gnupg-users mailing list