Thank you. I had been sending messages out today, feeling that maybe they were ending up for whatever reason not being readable by people who had read other messages.
Those concerns *seem* to be unfounded (though I only have one person to confirm that, it just seems enough confirmation that I'm not concerned). Will look at your link though... On 2016-02-24 15:13, Daniel Kahn Gillmor wrote: > Hi there-- > > On Wed 2016-02-24 17:37:32 -0500, Datse Multimedia Information wrote: >> When I opened Thunderbird today I received a message about the use of >> PGP-MIME as the new "default setting". The "old" recommednation was >> that inline PGP (at least for signed messages, though not nescesarily >> for messages which are encrypted) was more compatable. > > That decision has been a contentious one for years, and the balance has > tipped in favor of well-structured PGP/MIME messages. > > A (non-exhaustive) list of arguments against inline PGP signatures is > here: > > https://dkg.fifthhorseman.net/notes/inline-pgp-harmful/ > > It's probably not worth re-kindling a flamewar here about this topic. > >> With an inline PGP message I see that the message is sent with a pretty >> standard text based message. > > Most "standard" messages today are not just plain text, especially not > raw US-ASCII. even the text/plain messages are often base64-encoded or > quoted-printable-encoded UTF-8. But most messages today aren't just > text/plain, much as some of us wish they were: they're text/html, or > multipart/alternative, or they have attachments, etc. PGP/MIME handles > all of those forms in a sensible fashion. > >> The problem that I see is that with inline MIME, there is an increased >> risk of not being able to verify signatures which *should* be valid, or >> the rendering of the email to be impossible to decrypt. > > When you say "inline MIME", i'm assuming you mean "inline PGP". > > There are lots of ways to break signatures; inline PGP signatures can > (and are) easily broken by MTAs as well. This is in the nature of > cryptographic signature schemes -- any byte added or removed anywhere in > the part can actually break the signature. > > Regards, > > --dkg > -- Jigme Datse Yli-Rasku [email protected] (Preferred address for new messages) 250-505-6117 Jigme Datse Yli-Rasku PO Box 270 Rossland, BC V0G 1Y0 Canada ....................................................................... ... This message should be electronically signed, and if the sender ... ... has your public key, may also be encrypted. ... ... If you have any questions about this, please email, or call. ... ... ... ... Note, unknown calls likely will go to voicemail. ... ... Please leave a message if you get voicemail. ... .......................................................................
signature.asc
Description: OpenPGP digital signature
_______________________________________________ enigmail-users mailing list [email protected] To unsubscribe or make changes to your subscription click here: https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
