Re: gnupg/mailing list validation error
- From: Albrecht Dreß <albrecht dress arcor de>
- To: Kacper Wysocki <kacperw online no>
- Cc: balsa-list <balsa-list gnome org>
- Subject: Re: gnupg/mailing list validation error
- Date: Thu, 4 Mar 2004 20:23:38 +0100
Am 03.03.04 21:56 schrieb(en) Kacper Wysocki:
> this info for me. Only one worry, though- signatures(the human readable
> kind) are usually prepended with a "-- \n" - note the trailing
> whitespace. I've seen it discussed many a time that mailers incorrectly
> gobble the trailing whitespace, as this is a standard that some MUAs
> depend on to, say, display the .sig in a different color. Is this the
> case here with two conflicting standards, as the RFC states that
> trailing whitespaces should be ignored?
In RFC 3156 (multipart/signed), this whitespace "counts", whereas in RFC
2440 it is simply ignored for the calculation of the signature. Note,
however, that signature calculation takes place *after* applying the
content transfer encoding which is forced to quoted-printable in balsa.
This line is converted to "--=20" for RFC 3156, so the whitespace is not
visible to the crypto routines, and should also be ignored by any mta or
gateway. Note that there is no need to code non-trailing whitespaces, so a
line consisting of, say, two spaces may safely be encoded as " =20".
In RFC 2440 mode (aka OpenPGP, single-part signing/encryption), not only
the whitespace will be quoted-printable encoded (which is *not* a
requirement of '2440, but I added it for safety, and it will never do any
harm!), but also the leading dash must be "dash escaped", so the line
reads "- --=20". You may check this yourself by sending signed messages to
yourself@localhost and then looking into the message source.
Albrecht Dreß - Johanna-Kirchner-Straße 13 - D-53123 Bonn (Germany)
Phone (+49) 228 6199571 - mailto:email@example.com
] [Thread Prev