> PGP/INLINE is handled only if the pgp > data is the very first non-whitespace content, otherwise it won't be > decrypted.
^ This is exactly what ProtonMail does as well. Sent from ProtonMail, encrypted email based in Switzerland. ‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐ On May 19, 2018 9:47 AM, Patrick Brunschwig <[email protected]> wrote: > > > In the light of the Efail vulnerability I am asking myself if it's > > really needed to decrypt non-regular types of emails at all. In other > > words, should we decrypt a multipart/encrypted MIME part at all if we > > detect an irregular MIME structure? > > If we would not decrypt irregular MIME structures, there cannot be an > > issue with HTML displaying. This would be a good thing, if you're an > > addon and you can't change the application you live in. I know that some > > mail clients do this already, but all those clients that are affected by > > Efail apparently don't. > > I would consider the following "regular" MIME structures: > > 1. top-level MIME part is multipart/encrypted. > 2. an attached email (Content-Type = message/rfc822) containing a > > multipart/encrypted MIME part as direct child. > > Does anyone know of other relevant types of message structures? > > Does anyone see a reason why NOT to do that? > > -Patrick > > > openpgp-email mailing list > > [email protected] > > To unsubscribe or make changes to your subscription click here: > > https://admin.hostpoint.ch/mailman/listinfo/openpgp-email_enigmail.net > > Autocrypt mailing list > > Post: [email protected] > > List info: https://lists.mayfirst.org/mailman/listinfo/autocrypt > > To Unsubscribe > > Send email to: [email protected] > > Or visit: > https://lists.mayfirst.org/mailman/options/autocrypt/bartbutler%40protonmail.ch > > You are subscribed as: [email protected] _______________________________________________ Gnupg-users mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnupg-users
