[head] GPG news (long)

Hi all!

The latest HEAD cvs (ChangeLog "2004-09-11 17:30 PeterB") contains two patches by Peter and me two improve the handling of gpg signed/encrypted messages.

First, thanks to Peter's patch, balsa can now decrypt and check encrypted/ signed messages in imap boxes.

As checking imap messages may be quite expensive (the whole message had to be loaded), I added a feature to make the checking strategy for mailboxes configurable. If you right-click on a mailbox and open the the properties dialog, there is a new item "decrypt and check signatures automatically". You can select

- never: in this mode, balsa doesn't perform any decryption or signature checking, i.e. this mailbox works as if balsa had been compiled without gpgme support; - if possible (the default value): perform crypto operations only if this doesn't require any additional message parts being fetched from a remote server (e.g. imap). For local mailboxes (where all parts are always available), the complete checking is perfromed. In this case, the main difference to "always" (see below) is that all messages from the crypto backend are displayed as "Message"; - always: the same as the "old" behaviour (with working imap, of course). If necessary, missing message parts are fetched from a remote server. Information about broken signatures etc. are displayed as "Warning" or "Error", usually popping up a dialog.

This option can be set for each mailbox differently, e.g. you may want to have "never" for the sentbox (all messages should have your signature), "if possible" for the balsa list (and other mailing lists) to avoid the dialog warning about a missing key popping up when browsing the mailbox, and "always" for your (local) inbox to get more visible warnings/errors.

As a new feature, you can now force decryption and/or signature (re-) checking for any message. To this end, I added a button to the top-level headers widget (I know the icon is ugly, I'm no artist - if you have a better one, it's really welcome!).

Further smaller fixes and improvements include (apart from re-writing much of the internal code) - support for combined signed and encrypted rfc 3156 messages sent by e.g. Enigmail/Mozilla; - a better display of the signature status for OpenPGP (RFC 2440) signed parts; - more verbose information about encrypted/signed parts in the "Message Parts" tree view.

There are still some known gpg issues:
- forwarding a message as attachment and then signing the new aggregate leads to broken signatures;
- printing of signed and/or encrypted messages has to be improved;
- balsa still suffers from the (known) gmime gpg related bugs;
- s/mime (RFC 2633) support.

As always, any comment is welcome!

Cheers, Albrecht.

Albrecht Dreß  -  Johanna-Kirchner-Straße 13  -  D-53123 Bonn (Germany)
     Phone (+49) 228 6199571  -  mailto:albrecht dress arcor de

Attachment: pgp7pVSxIPFAK.pgp
Description: PGP signature

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]