<html><head><meta http-equiv="content-type" content="text/html; charset=utf-8"></head><body dir="auto">On 31 Aug 2024, at 23:35, T. S. <tfasnetamot@emailn.eu> wrote:<br><div dir="ltr"><blockquote type="cite"><br></blockquote></div><blockquote type="cite"><div dir="ltr"><div><font size="2" face="Arial">Hello,</font></div><div><font size="2" face="Arial"><br></font></div><div><font size="2" face="Arial">after looking into DKIM details, I started searching, why the same procedure cannot be used for gpg?</font></div><div><font size="2" face="Arial">With gpg a lot of people from get confused, when they receive signed mails either because of the </font><code>-----BEGIN PGP SIGNED MESSAGE-----</code><font size="2" face="Arial"> strings, or because the unknown attachments in MIME message.</font></div><div><font size="2" face="Arial"><br></font></div><div><font size="2" face="Arial">When now looking to DKIM, this looks much more advanced. There is a Header in the mail, containing the signature all details to the signature and information about header items included in the signature:</font></div></div></blockquote><snip><br><blockquote type="cite"><div dir="ltr"><div><font size="2" face="Arial">Is somethings similar available for GPG/PGP?</font></div><div><font size="2" face="Arial"><br></font></div><div><font size="2" face="Arial">Currently I found nothing, but I expect that this could help for much better acceptance for signed mails. Receivers, who don't know anything about gpg getting not confused, as the
Header is totally invisible.</font></div><div><font size="2" face="Arial">With such an implementation I would start again sending all my mails automatically signed, as I have not longer to answer questions about my weird looking mails.</font></div></div></blockquote><br><div>You’re essentially talking about defining a new cleartext signing mechanism, so that people using PGP-unaware mail clients can remain blissfully unaware, while also allowing for a graceful upgrade to signed mail for those who can.</div><div><br></div><div>Unfortunately, history has taught us that any cleartext sent over email *will* be mangled, and this will break the signature. MTAs are in general really bad at preserving the content of email messages. The only reliable way we know of to protect your signed plaintext is to encode it in something more robust, such as base64. Even then, if it is encoded as a base64 MIME part, MTAs have been known to mangle the MIME headers, which breaks the signature. And if you don’t sign over the MIME headers, your email is dangerously malleable (see efail). </div><div><br></div><div>So for the foreseeable future at least, it seems you can have trustworthy signed emails or you can have backwards-compatible cleartext signing, but not both. </div><div><br></div><div>A</div></body></html>