Le 30/07/2025 à 15:05, Werner Koch a écrit :
On Mon, 28 Jul 2025 22:02, JL said:
I wanted to open a ticket on GPGME because thunderbird team says they
can't encode email using 8bit mime because of GPGME not handling
TB is again using GPGME? Did they finally drop their own implementation
and turned back to Enigmail or made the (gpgme based) optional GnuPG
support finally working?
of course not ;) they still have their builtin openPGP,
I've another open ticket on this :
https://bugzilla.mozilla.org/show_bug.cgi?id=1977346
for some reason, it's possible to use gpg, but they take only one key
(the "sign and certificate type", not the "cipher")
but for the 8bit mime issue, the code state gpgME.....
https://searchfox.org/comm-central/rev/73897d5732eac86ed38bd521ca6f4610a4411186/mail/extensions/openpgp/content/ui/enigmailMsgComposeOverlay.js#1309-1326
yes would be really nice if they could drop their builtin openPGP,
because it's brocken as hell.... they re-invent the wheel, having to
implement gpg-agent like to secure the keys (right now the default
behavior is "protecting with the master password" but the master
password is never asked to be set, so the default behavior is... storing
the key unprotected... O_o!
they are adding some protection, by keeping the key password, but again,
this is key duplication, and since there is no agent, you have to enter
the password each time you access a ciphered message.
We encode TB of binary data using gpgme without any problems. So what
is this about? Your are using the legacy in-line format for signed PGP
messages? *Stop doing this!* Use PGP/MIME - this is the only sane way
to sign messages since the mid 90ies. And you won't run into any
encoding problems because MIME (e.g. its 8 bit support) does this for
you. MIME is the right layer for encoding stuff. *PGP cares about
signing and encryption - another layer on top of it.
here what I get when sending a signed message :
This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--------------O0jQavEJzad0tdgqdlXTuPu2
Content-Type: multipart/mixed;
boundary="------------FWDnkJ83p73oQajQk66iKNQY";
protected-headers="v1"
From: XXXXXXX
Reply-To: XXXXX
To: YYYYYY
Message-ID:<8176a3b2-bafa-4339-8776-7768e72a0...@dolce-energy.com>
Subject: ZZZZZZ
--------------FWDnkJ83p73oQajQk66iKNQY
Content-Type: multipart/mixed;
boundary="------------0P7Lzttz257BGejWVIjUJ380"
--------------0P7Lzttz257BGejWVIjUJ380
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: base64
Zg0KDQo=
--------------0P7Lzttz257BGejWVIjUJ380
Content-Type: application/pgp-keys; name="OpenPGP_0xC732933F7F1D313F.asc"
Content-Disposition: attachment; filename="OpenPGP_0xC732933F7F1D313F.asc"
Content-Description: OpenPGP public key
Content-Transfer-Encoding: quoted-printable
-----BEGIN PGP PUBLIC KEY BLOCK-----
<......>
-----END PGP PUBLIC KEY BLOCK-----
--------------0P7Lzttz257BGejWVIjUJ380--
--------------FWDnkJ83p73oQajQk66iKNQY--
--------------O0jQavEJzad0tdgqdlXTuPu2
Content-Type: application/pgp-signature; name="OpenPGP_signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="OpenPGP_signature.asc"
-----BEGIN PGP SIGNATURE-----
<some ASCII DATA>
-----END PGP SIGNATURE-----
--------------O0jQavEJzad0tdgqdlXTuPu2--
_______________________________________________
Gnupg-devel mailing list
Gnupg-devel@gnupg.org
https://lists.gnupg.org/mailman/listinfo/gnupg-devel
