Re: inline gpg signatures?



> http://home.arcor.de/dralbrecht.dress/balsa/UsingGnuPG.html

Thanks! I read this document a while ago- I guess things didn't connect  
in my head. Thanks also for some great documentation.

> Please note that if you OpenPGP sign a message, the recipient having  
> a MUA not supporting signing/encryption will not see the confusing  
> attachment, but has all the PGP stuff inline (see RFC2440 for an  
> example...), which IMHO will be more confusing.

I see your point as to the inline stuff, and I think I'll stick with  
mime signatures. However I know for a fact that at least webmail  
systems and the OSX mail program show these as attachments. Not that  
it's an issue..

On the other hand, what is an issue is that balsa often displays the  
dialog

"The message sent by <email address> with subject "<Subject>" contains  
a "multipart/signed" part, but it's structure is invalid. The  
signature, if there is any, can not be checked."

when opening a 'gray padlock' message, but I can see nothing wrong with  
the message structure itself.

One example I'm looking at has the pgp signature inline, content type  
application/pgp-signature, and all messages from this recipient refuse  
to be verified by balsa.

Since I usually encounter these types of messages on mailing lists, I  
feel inappropriate letting the senders know that I can't verify their  
messages, unless I know exactly what is causing this.

Could someone tell me/point me to what is happening here?

If more information about these messages is needed, they are from  
public mailing lists, and I can probably provide direct links to  
archived copies.

Thanks for the best email client around!
	Kacper

PGP signature



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]