Mailinglist Archive: opensuse (3166 mails)
| < Previous | Next > |
Re: [SLE] Re: OT PGP - Was [SLE] 8.2 Announced
- From: "Theo v. Werkhoven" <twe-suse.e@xxxxxxxxxxxxxxxxxxxx>
- Date: Sun, 23 Mar 2003 22:13:57 +0100
- Message-id: <20030323211357.GJ2821@xxxxxxxxxxxxxxxx>
On Sun, 23 Mar 2003, John just had to get this off his chest:
> In a previous message, Tom Emerson wrote:
>
> > On Saturday 22 March 2003 7:10 am, Ian David Laws wrote:
> > > I do not understand this thread. I am using kmail and his signature is
> > > not a 1000 lines long I receive "message was signed with unknown key
> > > xxxxx. The validity of the signature can't be verified.
> >
> > People using other MUA's that aren't configured to check
>
> It's not just that - there is a problem with PGP signing on mailing lists,
> because the list server adds a footer to each post. Only a few MUAs
> (including kmail) seem to handle this "correctly" and still strip out the
> PGP code. Most (including mutt and mozilla) don't.
I think the mailinglist software is smarter than that. Mutt e.g.
normally encodes signed messages in quoted-printable as
"Content-Type: multipart/signed" with "Content-Disposition: inline"
Ezmlm is smart enough *not* to try to mess with MIME contents, and
so doesn't append its own sig to these messages. At least.. that is
what I notice when I look at signed messages that follow RFC2015.
Mutt (here at least) has no problems finding and verifying the
signatures.
> So, signing mailing-list posting means that almost everyone not using kmail
> is stuck reading PGP code. It's not a huge annoyance, but it is a real one
> because finding the actualy reply within all that extraneous material isn't
> always easy.
Please do a little more research before making wild and unfounded
claims.
Theo
--
Theo v. Werkhoven Registered Linux user# 99872 http://counter.li.org
ICBM 52 13 27N , 4 29 45E.
SuSE 8.0 x86
Kernel k_Athlon 2.4.19-4GB
See headers for PGP/GPG info.
> In a previous message, Tom Emerson wrote:
>
> > On Saturday 22 March 2003 7:10 am, Ian David Laws wrote:
> > > I do not understand this thread. I am using kmail and his signature is
> > > not a 1000 lines long I receive "message was signed with unknown key
> > > xxxxx. The validity of the signature can't be verified.
> >
> > People using other MUA's that aren't configured to check
>
> It's not just that - there is a problem with PGP signing on mailing lists,
> because the list server adds a footer to each post. Only a few MUAs
> (including kmail) seem to handle this "correctly" and still strip out the
> PGP code. Most (including mutt and mozilla) don't.
I think the mailinglist software is smarter than that. Mutt e.g.
normally encodes signed messages in quoted-printable as
"Content-Type: multipart/signed" with "Content-Disposition: inline"
Ezmlm is smart enough *not* to try to mess with MIME contents, and
so doesn't append its own sig to these messages. At least.. that is
what I notice when I look at signed messages that follow RFC2015.
Mutt (here at least) has no problems finding and verifying the
signatures.
> So, signing mailing-list posting means that almost everyone not using kmail
> is stuck reading PGP code. It's not a huge annoyance, but it is a real one
> because finding the actualy reply within all that extraneous material isn't
> always easy.
Please do a little more research before making wild and unfounded
claims.
Theo
--
Theo v. Werkhoven Registered Linux user# 99872 http://counter.li.org
ICBM 52 13 27N , 4 29 45E.
SuSE 8.0 x86
Kernel k_Athlon 2.4.19-4GB
See headers for PGP/GPG info.
| < Previous | Next > |