MIME or inline signature ?

Robert J. Hansen rjh at sixdemonbag.org
Fri Feb 13 04:18:25 CET 2015


> I don't know if this is true for PGP-Basics, but it is certainly not
> true for enigmail or gnupg-users.  Please update the FAQ!

It's still true for PGP-Basics; Enigmail's been bit by it within the
last year, if memory serves, but it's been generally accepted; GnuPG's
been AFAIK stable for it.  I've got a few hours free tomorrow; I'll see
about fixing this verbiage.

I should also add that PGP/MIME *may* give protection to metadata (see
Patrick's decision to use the creative header protection scheme you
mentioned), with some verbiage about how only Enigmail has promised to
implement it.  But over the last 18 months or so the metadata issue has
become important to a lot of people, so that should also be mentioned.

As is my usual, once I draft something I'll post an easily
human-readable diff to the mailing list and give people a chance to
raise objections and concerns.  I'm more the FAQ custodian than the FAQ
maintainer -- I want everything in it to reflect community consensus,
not just my own opinion.  :)

>      --dkg, noting the irony of the parent message being sent with
>        S/MIME, an entirely different standard

And the MIME attachment being mangled by the mailing list, yes, I agree.
 It's almost a bizarre endorsement of the attachment fragility idea...


-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3744 bytes
Desc: S/MIME Cryptographic Signature
URL: </pipermail/attachments/20150212/b8c28249/attachment-0001.bin>


More information about the Gnupg-users mailing list