Re: [Evolution] Recipients using Outlook see PGP as attachments

No, inline PGP is a broken method of sending encrypted/signed messages.

1. You can ONLY sign/encrypt plain text safely (and even still you
should really QP encode but most mailers don't which means that it
stands a chance of being broken when it gets to the recipient)

2. It has a number of security issues. (as a rough idea: what type of
data is encrypted? is it a jpeg? is it plain text? is it an executable?
how do I display it?)


On Mon, 2001-09-10 at 23:25, Michael J Schulz wrote:
Since Evolution sends PGP encrypted text MIME encoded as 'multipart/
encrypted; protocol="application/pgp-encrypted"' Outlook gives it
filename and displays it as an attachment.  An Outlook user has to save
the attachment, decode it (or jsut cut and past the PGP part), then
decrypt it.  

Are you planning on having an option to send encrypted mail so that
Outlook will get it in an inline format instead of encoded?

Evolution does it like this.

Content-Transfer-Encoding: 7bit
Content-Type: application/pgp-encrypted

Version: 1
Content-Type: application/octet-stream
Content-Transfer-Encoding: 7bit

Version: PGP 6.5.8

   Encrypted text is here.



Whereas Outlook sends the file as text, and it looks like this:

Version: PGPfreeware 6.5.8 for non-commercial use <>

   Encrypted text is here.


evolution maillist  -  evolution ximian com

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]