On Tue, 08 May 2012 14:53:30 +0300 Mika Suomalainen <[email protected]> wrote:
> -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > 08.05.2012 14:45, Jochen Spieker kirjoitti: > > Indulekha: > >> > >> No, I think you may have an incorrect or incomplete > >> configuration.... > > > > This is inline vs. MIME: > > > > http://www.phildev.net/pgp/pgp_clear_vs_mime.html > > > > J. > > And that page forgets the problems in MIME. > > PGP/MIME requires headers, message and the signature.asc to be > verified. Some mailing list programs mess up with the headers and this > way make PGP/MIME signatures unverifiable. I'm no expert in all this, but can you explain and document what you mean by the claim that "headers ... must be verified"? All emails have their headers modified en route (e.g., "Received:" and "Delivered-To" are added, as are all kinds of "X-stuff" ones). Does PGP/MIME really protect all headers (beyond the MIME ones)? It really breaks if *any* headers are modified? Please provide documentation. http://www.ietf.org/rfc/rfc1847.txt http://www.imc.org/ietf-openpgp/mail-archive/msg01938.html This stuff is old, but do you have anything more current? Celejar -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: http://lists.debian.org/[email protected]
