-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On 10.07.14 23:53, Daniel Kahn Gillmor wrote: > hi folks-- > > a friend recently sent me a PGP/MIME encrypted/signed message from > k-mail 1.13.7. > > enigmail decrypted it but claimed "bad signature". > > Looking at it in more detail, i see that the message is structured > like this: > > A └┬╴multipart/encrypted B ├─╴application/pgp-encrypted attachment > C └─╴application/octet-stream inline [msg.asc] > > but decrypting C shows that inside C is: > > D └┬╴multipart/signed E ├─╴text/plain F > └─╴application/pgp-signature [signature.asc] > > > The OpenPGP layer in C is *just encryption* -- no OpenPGP > signature, which (i think) is why enigmail shows "bad signature". > > But the signature F is correct when calculated over E. > > I think enigmail's usual mechanism for constriction of PGP/MIME > messages has part C contain the signature as well as encryption, > and then part D is just the message itself. > > Both approaches seem valid from the perspective of RFC 3156, > though the enigmail construction seems simpler. > > But i'm concerned because it seems like enigmail ought to be able > to parse the kmail construction, at least if the top-level > cleartext part is itself multipart/signed.
Enigmail can decrypt/verify both methods. However, unless you use Enigmail 1.7 (or nightlies) KMail emails cannot be verified correctly. See bug 209 (https://sourceforge.net/p/enigmail/bugs/209/) - -Patrick -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.22 (Darwin) iQEVAwUBU8ADgsk25cDiHiw+AQid1wf+I56b80bJuOk+GE+md6PfIP9IWeZBg9LZ mKw4t3KqTOoSBvXRKJajdAVyjzvX5KQq7AzDLHc3eciCQOedrIeNWshT/Rp7X0wN KGrxC8BZMgwIvVTeyDJcWPawq3IoP1lgOpGkf2TKl0oc7+tWTtBT2f+1H27JtoPc 4v4ErxQ315Yp3wjx5017JOEC2m6T3uXeMlGGnuYmaU4V0EXNHU60+sp+pog+CQrI KY5qJLct1JBibnTAf5mITzevabxLd+aQH0N7193YFAgFY24dCpj/GriYVCyAqY09 MZtTBALwsIqUMZbU7yrFwlqo44uazuzT8uXgrBVfmQ78xm2ZyZ5vcg== =eLF8 -----END PGP SIGNATURE----- _______________________________________________ enigmail-users mailing list [email protected] To unsubscribe or make changes to your subscription click here: https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
