email bot for PGP/MIME PGP/Inline conversion

[martijn.list]

On 07/14/2014 06:18 PM, Doug Barton wrote:
> On 07/14/2014 09:06 AM, martijn.list wrote:
> 
>> Unfortunately this won't work. You cannot convert a PGP/MIME message
>> into a PGP/INLINE message and vice versa. With a PGP/MIME message, the
>> complete MIME structure is signed and/or encrypted. This includes
>> attachments etc.
> 
> In the absence of attachments, I'm fairly certain you're wrong about
> that. I've written a script to verify the signature of PGP/MIME
> messages, and the signature is over the message itself (again, in the
> absence of attachments). It should be fairly simple to take that script
> and output the message body with a synthesized inline signature.

Yes with a text only message it should work. But if you have a
multipart/alternative message (i.e., text and html part) you'll run into
troubles.

> Attachments add a lot of complexity, but even there it should be doable,
> just a SMOP.

But how? you can of course show the complete MIME structure but that is
not very informative I would think. Perhaps I'm missing something though.

> The thing that would trip you up are message types that can only be
> successfully signed with PGP/MIME, like HTML, and certain character
> encodings. So you could never have a completely successful solution, but
> you could probably get to 80% or so with a minimum of difficulty.

With "unfortunately won't work", I meant won't work in the general case
:) Of course there will be cases where it will work. The problem is that
since the original message is encrypted, you cannot know for sure for
which message it will work and for which message it won't. But if
someone is happy with 80% reliability then you might make people happy
with such a service.

Kind regards,

Martijn Brinkers

-- 
CipherMail email encryption

Open source email encryption gateway with support for S/MIME, OpenPGP
and PDF messaging.

http://www.ciphermail.com

Twitter: http://twitter.com/CipherMail