What is the benefit of signing an encrypted email
Ingo Klöcker
kloecker at kde.org
Wed Jan 19 21:25:30 CET 2011
On Wednesday 19 January 2011, Werner Koch wrote:
> Hi!
>
> I'd like to see a feature in MUAs to wrap the entire mail as
> presented in the composer into a message/rfc822 container and send
> the actual message out with the same headers as in the rfc822
> container. This allows to sign the entire mail including the
> headers. On the receiving site the MUA should figure out that the
> signed headers match the actual ones and visually indicate the
> message including the header as signed.
"figure out that the signed headers match the actual ones" may sound
easy, but it's actually an extremely tough task. Any mailing list
mangling the Reply-to header will break the signature. Any MTA, virus
checker, etc. beautifying or otherwise changing the existing headers
will break the signature. There would need to be some canonical format
for headers. But that's magnitudes harder than converting the body of an
email message to the canonical text format.
Still, it sounds like a neat idea.
> This is fully MIME compliant
> and should not break any MIME aware mailer (except for those only
> claiming to support MIME).
True. But those messages will look ugly in most mailers (even in those
that are fully MIME compliant). In particular, web mailers will most
likely not be able to view them properly. Not that any serious email
user would care about them. :-)
Regards,
Ingo
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part.
URL: </pipermail/attachments/20110119/0ceafc2d/attachment-0001.pgp>
More information about the Gnupg-users
mailing list