On 08.02.18 15:04, Michael Carbone wrote: > On 01/12/2018 10:13 AM, Patrick Brunschwig wrote: >> On 12.01.18 14:58, Lachezar Dobrev wrote: >>> 2018-01-04 19:00 GMT+02:00 Lachezar Dobrev <[email protected]>: >>>> 2018-01-04 17:07 GMT+02:00 Patrick Brunschwig <[email protected]>: >>>>> The question is, what is the text that is above and below the decrypted >>>>> message. I try not to display the warning if the message was completely >>>>> inline-PGP encrypted, but that's pretty hard to do in the message >>>>> composition window (where the original message is no longer available). >>>>> >>>>> You could also ask your peers to install K-9 (plus OpenKeychain), or >>>>> R2Mail2. Both can create and read PGP/MIME messages just fine. >>>>> >>>>> -Patrick >>>> >>>> Ahh! I think I saw something! >>>> I have a signature configured in my Thunderbird Account. When >>>> Thunderburd attaches it it adds -- as separator, so the footer ends up >>>> like: >>>> """ >>>> -- >>>> Lachezar Dobrev >>>> etc. etc. >>>> """ >>>> When I disabled the signature responding to an Inline-PGP no longer >>>> displays the warning. >>>> >>>> Thunderbird manages -- signatures by removing them from the message >>>> that is being replied to before quoting it and adding the new >>>> signature below the quoted (and signature-stripped) original mail. >>>> Does that make sense? >>>> >>>> Steps to reproduce: >>>> - Open account settings >>>> - Put some text in the 'Signature Text' >>>> - Send an encrypted mail to one's self >>>> - Reply to the encrypted message >>>> - Observe the warning. >>> >>> Is there any progress on this? >> >> No, I didn't look into it. > > FYI I am finding the warning happens every time I respond to someone who > uses Mailvelope (with gmail for example) and who has an automatic footer > as described by Lachezar -- so the received email is inline PGP text, > with uencrypted footer at bottom. > > I think the error description is really poor at communicating anything > useful to the user, here is another attempt: > > """ > The message you are replying to contained both unencrypted and encrypted > parts. If the sender was not able to decrpyt some message parts > originally, you may be leaking confidential information that the sender > was not able to originally decrypt themselves by quoting the original > message. Please consider removing all quoted text from your reply to > this sender. > """
Thanks, that's a good suggestion for inline-PGP messages (there are other types of messages where your suggestion won't work, but these are specially manually crafted messages that no mail client would produce). -Patrick
signature.asc
Description: OpenPGP digital signature
_______________________________________________ enigmail-users mailing list [email protected] To unsubscribe or make changes to your subscription click here: https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
