Re: [Evolution] pgp unusable?

Jeffrey Stedfast wrote:

On Thu, 2001-11-29 at 05:25, Levente Farkas wrote:
and at last gpg simple unusable with evolution. when I try send an encripted
mail with evo (I have to go to the menu and click on a menu item, it
would be much simpler if I able to check it somewhere within the
composer window and I always be able to see wheter it will be encrypted
or not). so after I send a mail it put into the sent mail encrypted with
my public key (which is ok), BUT evo send it to the others too!!
the mail which was send to the recipients should have to be encrypted
the recipients' public key (since they dont have my private key:-)
even I try to shitch of tools/mail settings/edit/security/
Always encrypt to myself when sending ecrypted mail
the thing just getting worse since if any error occure during pgp evo.
don't send mail.
again try to look at pine (and in this case others using outlook can
read you encrypted messages) which send inline non multipart and correctly
encrypted (others with their public key, into sent folder with your
public key) mails.
I even try to play with .gnupg/options:
encrypt-to "lfarkas mindmaker hu"
default-key "lfarkas mindmaker hu"
both works with pine but neither with evo (I try to commnet/uncommnet
both line).

It works for me... although someone reported a bug saying that when a
recipient's gpg key is not signed, when sending them encrypted mail, it
only encrypts to the sender's key.

yes it's true thre recipient's gpg key is not signed!

in this case it should have to report to gpg

gpg tells us everything went fine, so Evolution has no way of knowing
that it didn't encrypt to all the recipients we told it to encrypt to,
thus it's not our fault.

How is your pine configured to use gpg? does it pass the --always-trust
argument to gpg? I didn't make Evolution do that because I figured it
might be considered "bad", but I think other mail clients might be doing

there is a -at option which is not in the manual but I assume it is the
same as --always-trust.

another thing about gpg. I read the page
which simple not true! that way evo sign/encrypt mail is a standard way,
but not the only one. the way like pine do inline pgp message would be
very simple to implement and can be readable by other mailers like
pine, netscape, outlook, eudora. these mailer are the biggest part of
the world. I agree with you that the default should have to be the standard
way but usability is another and very important reason (that's why so
many people use kde:-(()

In-line pgp mode is a broken way to do it - so many things can go
"wrong". Should I first QP/Base64 encode the text before signing? or
should I do it afterward? Do I From-escape before? afterward? ever? Do I
CRLF encode before signing?

do what most inline mailer do! if you already non-standard the try to be
the most usable.
No mailer does it the same, they all have their own pseudo-standard way
of doing it. That is why we don't do it, because it's broken.

but most mailer support it and the current case almost unusable since
just other evo user can use read my mails:-( at least an option to
use the non-standard inline version would be useful.

 -- Levente              
    "The only thing worse than not knowing the truth is
     ruining the bliss of ignorance."

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]