ideal.dll // fixing thread breaking

Robert J. Hansen rjh at
Fri Jun 29 17:48:28 CEST 2012

On 06/29/2012 08:06 AM, Brad Rogers wrote:
>> If you ask on Enigmail mailing list, they will tell you that that
>> issue is with Mailman (or other mailing list software) which messes up
>> with headers and makes PGP/MIME unverifiable. They will also say that
> Headers are outside what is signed, surely?

Mika is more or less right, except it isn't headers -- it's the PGP/MIME
attachment separator.  Mailman makes a very slight tweak and that's
enough to bollix up the signature.

This mailing list does not play nice with PGP/MIME, the last time I
checked.  (For a long time Enigmail's list didn't, either, but that
problem has since been fixed.)  In general, PGP/MIME with GNU Mailman is
always a roll of the dice.

<begin speaking-for-Enigmail>

And yes, Mika is right: that's why Enigmail recommends inline OpenPGP.
We've all seen PGP/MIME break in too many different contexts.  For
instance, I've seen MTAs that strip off attachments, inspect the
attachments for malware, then re-attach them but with very slight
differences that break PGP/MIME.  I've seen MUAs that can't understand
it, mailing list software that breaks it, and so on.

PGP/MIME is a superior technical standard, but it's quite fragile.  We
believe PGP/MIME is the clear choice *if possible*, but given how often
it's not possible we recommend inline OpenPGP by default.

<end speaking-for-Enigmail>

(This message is PGP/MIME signed.  I know my system works correctly with
PGP/MIME and that neither my MUA nor MTA mangle it.  If it's not coming
through, the most likely culprit is the list's GNU Mailman installation.)

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 187 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20120629/8c6fe2a8/attachment.pgp>

More information about the Gnupg-users mailing list