On 03/15/2014 10:10 AM, Patrick Brunschwig wrote:
> On 15.03.14 16:41, Egbert van der Wal wrote:
>>
>> I recently set up my mailserver to use DKIM signing and I think
>> the solution for embedding the DKIM signature is really elegant:
>> adding a DKIM-Signature header. Since mail clients that do not
>> understand this header just ignore it, it is basically invisible
>> to people inexperienced with mail and/or DKIM. It is still
>> embedded in the message. I then started looking for any
>> possibilities to use this and came across someone who wrote about
>> this same idea:
>>
>> http://beza1e1.tuxen.de/articles/pgp_header.html

It is important to be clear about the nature of the problem so as to address it properly. The problem is part social and part technical.

First, as to the social, I have been signing my emails for many years now, and I find some people are disturbed when they can't do anything with the attachment. I explain, sometimes they don't understand, but the important thing for them is to just ignore the attachment, and eventually they get that. Life goes on.

Next is the technical. This divides into two problems. First is that the current methods of signing have been in use for quite a long period of time. Enigmail is far from the only piece of software involved. Compatibility is an issue. But I believe this is what the RFC process is for.

The other issue is the question of what to sign/encrypt. I'm not seeing this as a problem. Just sign/encrypt the entire body, including attachments, and leave it to the sender, as we already have been doing for years, to make obvious which bits are from previous messages. This does seem to me to be 'clean' and 'elegant'.

It also seems to me that it would address another problem previously reported on this list in which a signed attachment could lead a receiver to believe that the entire message had been signed. It's important to remember here what a signature is supposed to mean: strictly that I sent this. It means nothing more.

And it strikes me that the practice of encrypting pieces of a message and leaving other pieces unencrypted is dubious, that leaving portions unencrypted might offer clues as to the encrypted content.

-- 
David Benfell
see https://parts-unknown.org/node/2 if you don't understand the attachment
_______________________________________________
enigmail-users mailing list
[email protected]
https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
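
The message above mentions a signed attachment leading a receiver to believe the entire message had been signed. As an added example (not part of the original thread, and not Enigmail's code), this sketch walks a PGP/MIME message and reports which leaf parts sit inside a `multipart/signed` wrapper. It inspects MIME structure only and does not verify any signature; the sample messages and function names are constructed for illustration.

```python
from email import message_from_string

# Constructed samples. The signature part is a placeholder, not a real signature.
SIGNED = (
    'Content-Type: multipart/signed; protocol="application/pgp-signature";\n'
    ' boundary="inner"\n\n'
    "--inner\nContent-Type: text/plain\n\nSigned text.\n"
    "--inner\nContent-Type: application/pgp-signature\n\n(placeholder)\n"
    "--inner--\n"
)
# Signature wrapper is the top-level entity: the whole body is covered.
WHOLE = "Subject: constructed sample\n" + SIGNED
# Signature wrapper is only one part next to an unsigned cover note.
PARTIAL = (
    "Subject: constructed sample\n"
    'Content-Type: multipart/mixed; boundary="outer"\n\n'
    "--outer\nContent-Type: text/plain\n\nUnsigned cover text.\n"
    "--outer\n" + SIGNED + "--outer--\n"
)


def signature_coverage(raw):
    """Return [(content_type, covered)] for every leaf part, in message order."""
    result = []

    def visit(part, covered):
        if not part.is_multipart():
            result.append((part.get_content_type(), covered))
            return
        children = part.get_payload()
        if part.get_content_type() == "multipart/signed" and len(children) == 2:
            # First child is the signed content; the second is the detached
            # signature itself, which is not message content.
            visit(children[0], True)
            return
        for child in children:
            visit(child, covered)

    visit(message_from_string(raw), False)
    return result


def fully_signed(raw):
    """True only if every content part is inside a multipart/signed wrapper."""
    parts = signature_coverage(raw)
    return bool(parts) and all(covered for _, covered in parts)


if __name__ == "__main__":
    for name, raw in (("WHOLE", WHOLE), ("PARTIAL", PARTIAL)):
        print(name, signature_coverage(raw), "fully signed:", fully_signed(raw))
```

A client that shows a "signed" indicator for a message like `PARTIAL` without marking which part is covered produces the confusion described in the message.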
