On Thu, 2002-01-24 at 17:53, John Gateley wrote: > I have a GPG signature that works in mutt > but not in Evolution, and it is NOT an > inline signature: it comes in two MIME > parts, one for the body and one for the > signature, just like Evolution does. Are > there any known bugs with Evolution that > would cause this?
Unfortunately the PGP/MIME specification says that the mime content and headers must be treated as opaque. This means that you must feed the raw message parts to the pgp program. The way Evolution works is that it decodes messages into a MIME structure for easier display/etc. When we go to verify the message, we do CamelMimePart::write_to_stream() and it takes the Mime part's structure and writes it to the stream. The problem comes in because write_to_stream() is not guarenteed to write the MIME part out exactly byte-for-byte the way it was in the original message (it's usually very close - the problem is usually the QP encoding of the content, some clients wrap lines at fewer chars-per-line than our encoder does). IMHO, the PGP/MIME specification needs to be changes so that applications don't need to treat the content and headers as opaque. IMHO this is a flaw in the specification. It is known that there exist MTAs and MUAs alike (ie, not just Evolution) that parse the mime structure and rewrite it and thus cannot ensure that the result is exactly the same as the input. The raw content will be the same, but god knows about the encoded content. I think that if the PGP/MIME spec isn't going to change, that it should at LEAST enforce base64 encoding (every base64 encoding implementation should produce exactly the same output because the base64 rules are pretty strict, but the QP rules are not - there are a ton of ways to QP encode the same data and each of them can have a different result). If this really bothers you, feel free to take a stab at it. I'd be willing to help and provide advice/etc but I can't do it alone, it's just too much work. > > I also got mail from CERT today, and that > signature fails because it is an inline > signature. Is there any progress towards > making Evolution work with these? No. We are accepting patches though ;-) Jeff -- Jeffrey Stedfast Evolution Hacker - Ximian, Inc. [EMAIL PROTECTED] - www.ximian.com _______________________________________________ evolution maillist - [EMAIL PROTECTED] http://lists.ximian.com/mailman/listinfo/evolution
