PGP/MIME [was Re: Balsa Encrypts messages with GnuPG!]

[Jeffrey Stedfast <fejj stampede org>]

Oh, and another thing...

The reason KMail probably was able to verify the inline pgp signature is
because it is also a UNIX mailer. Were it a DOS/Win32 mailer - it
doubtfully would have worked as Win32 uses the cononical end-of-line
sequence (CRLF).

The proper way of doing this would be to crlf-encode the message body
before signing it but since most UNIX mailers don't re-crlf-encode the
message body before piping it to their favorite PGP implementation, this'd
break most other UNIX mailers... *sigh*

You can't win with inline-PGP implementations.

Like I said...a waste of time ;-)

Jeff

On Wed, 03 Jan 2001, Jeffrey Stedfast wrote:
> Date: Wed, 03 Jan 2001 22:03:15 -0500
> To: oly@mail.com, balsa-list@gnome.org, Alan O <alan@hitter.net>
> From: Jeffrey Stedfast <fejj@stampede.org>
> CC: Brian Stafford <brian.stafford@office-logic.com>
> Reply-To: fejj@stampede.org
> Sender: balsa-list-admin@gnome.org
> Subject: PGP/MIME [was Re: Balsa Encrypts messages with GnuPG!]
> 
> [comments below]
> 
> On Wed, 3 Jan 2001, Oliver Oberdorf wrote:
> > Date: Wed, 3 Jan 2001 20:29:29 +0900
> > To: balsa-list@gnome.org
> > From: Oliver Oberdorf <oly@tkk.att.ne.jp>
> > Reply-To: oly@mail.com
> > Sender: balsa-list-admin@gnome.org
> > Subject: Re: Balsa Encrypts messages with GnuPG!
> > 
> > 
> > With all respect,
> > 
> > I don't think balsa will be free of mutt for some time.  People have
> > wanted
> > PGP support in balsa for *ages*.  Others have repeatedly shot down the
> > idea of using lubmutt's PGP with this argument, but /nobody/ has time
> to
> > do
> > it this way and libmutt seems to still very much a part of balsa.  Now
> > that
> > someone is 90% done with the obvious approach, I see no reason to stop 
> > him.
> 
> He's still a long way off, he only has signatures working (and
> encryption?)
> and only for GnuPG. (btw Werner Koch is working on a library called GpgMe
> which will replace his efforts for GnuPG support).
> 
> > 
> > Plus, mutt is time-tested and I see no reason to think a from scratch
> > implementation will work better.  More flexible for developers; maybe.
> > Better integrated with gnome PGP; obviously.  Ready in 3 months or
> > less; not likely.
> 
> It can be ready easily in 3 months as I've already written a full MIME
> implementation (*with* PGP/MIME support even). All that needs to be done
> is
> to integrate it into Balsa.
> 
> IMHO, PGP/MIME is the correct PGP implementation to use - inline pgp
> hacks
> are a waste of time...sure it'd be nice to support receiving them but not
> sending them. Receiving them using my library would be a sinch as well
> anyways.
> 
> multipart/encrypted and multipart/signed are the accepted way of doing
> this
> and it works a lot better too.
> 
> The other concern is that there is no standard way of encrypting
> attachments inline (inline in this context means non-PGP/MIME). PGP/MIME
> is
> the only acceptable way of encrypting/signing attachments.
> 
> In the case of signing parts, why sign each attachment? that's a waste -
> it's better to sign the entire email message. And *that* can only be done
> with PGP/MIME.
> 
> Anyways, take a look at my API before you toss this idea aside, I believe
> that once you see the API you'll be convinced it is THE WAY.
> 
> http://www.xtorshun.org/gmime/doc/
> 
> Jeff
> 
> _______________________________________________
> balsa-list mailing list
> balsa-list@gnome.org
> http://mail.gnome.org/mailman/listinfo/balsa-list