[linux-elitists] Fwd: PGP signature attachments!

Karsten M. Self kmself@ix.netcom.com
Fri Sep 7 17:49:30 PDT 2001

on Fri, Sep 07, 2001 at 10:41:40PM +0100, Sean Neakums (sneakums@zork.net) wrote:
> begin  Karsten M Self quotation:
> > Moreover, RFC 2015 includes directives to mail handling utilities
> > regarding integrity of messages, and how they are or aren't to
> > modify a message text which has been signed or encrypted.  As you've
> > certainly read my rant closely by now, you'll note the specific
> > reference I've made to the munging issue.  Cleartext signing
> > provides no such hints, and there is no assurance your cleartext
> > signed message will be delivered intact.
> People fail to check signed messages, and it's the MUAs fault for
> allowing them to be munged in the first place?  

Please restrict yourself to putting words in your own mouth, not mine.

A munged signed message can't be verified regardless.  Broken mail
handling software must be fixed.

An intact, signed, but unverified message can still be verified at a
later date.  There's worlds of difference.

> > MIME is an established and official IETF standard.  RFC 2015 is not
> > officially recognized, due to its draft status, but it's a fairly
> > widely implemented standard.  The Gnus feature is, by contrast, an
> > exploitation of a convention.
> Given its non-ratified status, RFC2015 is merely an
> extensively-documented convention.


It is also relatively extensively implemented.  Again, assume from your
prior comments that you've read and recall the support for a wide range
of MUAs under GNU/Linux, legacy MS Windows, Macintosh, and other


Karsten M. Self <kmself@ix.netcom.com>          http://kmself.home.netcom.com/
 What part of "Gestalt" don't you understand?             There is no K5 cabal
  http://gestalt-system.sourceforge.net/               http://www.kuro5hin.org
   Free Dmitry! Boycott Adobe! Repeal the DMCA!    http://www.freesklyarov.org
Geek for Hire                        http://kmself.home.netcom.com/resume.html
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 232 bytes
Desc: not available
Url : http://allium.zgp.org/pipermail/linux-elitists/attachments/20010907/c8090dff/attachment.pgp 

More information about the linux-elitists mailing list