> The following pgp signature block is not handled correctly. > > I can post it to paste bin if you want it without the cruft of e-mail. > But the bug/feature has to do with the "NotDashEscaped:" > > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA512 > NotDashEscaped: You need GnuPG to verify this message
Please check OP-01-009 of https://cure53.de/pentest-report_openpgpjs.pdf This is not seen as a valid header. Thomas On Mon, Apr 21, 2014 at 12:37 AM, Tim Prepscius <[email protected]> wrote: > The following pgp signature block is not handled correctly. > > I can post it to paste bin if you want it without the cruft of e-mail. > But the bug/feature has to do with the "NotDashEscaped:" > > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA512 > NotDashEscaped: You need GnuPG to verify this message > > Hi > > > On Thursday 17 April 2014 at 7:14:21 PM, in > <mid:[email protected]>, Ingo Kl=F6cker wrote: > > > >> Sure. One could do this. But I don't see the point of >> encrypting an individual copy for each To/Cc >> recipient. The only additional information a single >> message encrypted for all To/Cc recipients gives the >> recipients is the list of key IDs of the other >> recipients. Under very special circumstances this >> could be undesirable, > > And could be avoided with --throw-keyids. > > > >> but under those special >> circumstances one probably also doesn't want to have >> all recipients listed in To/Cc. So, we are back to >> using Bcc > > My opinion is that it is usually a good idea to > err on the side of caution and use BCC, but in certain specific > circumstances it is acceptable to use multiple entries in To or CC. > > > >> or sending completely indiviual messages. > > Tha mailer to which I was referring actually did send completely > individual messages, when you told it to encrypt a message that had > multiple recipients. > > > -- > Best regards > > MFPA mailto:[email protected] > > A closed door is an invitation to knock > -----BEGIN PGP SIGNATURE----- > > iPQEAQEKAF4FAlNQMdtXFIAAAAAALgAgaXNzdWVyLWZwckBub3RhdGlvbnMub3Bl > bnBncC5maWZ0aGhvcnNlbWFuLm5ldEJBMjM5QjQ2ODFGMUVGOTUxOEU2QkQ0NjQ0 > N0VDQTAzAAoJEKipC46tDG5pIpYEAINFaDN9hZhpCgI1aHt34w9oW6xqjrLWIvf/ > NI9Qug3UL+g6t8PngJvjD44zhxekLZIVatjx5+bZlif6aXAnwjpt6nBdF7z/03A9 > fPhXhwG6YKFGmGcl9YkYiNls3vVSp0ZzyM4MWP14bALcA7nm2moHlgM5y0h48PRD > bYoOHfGe > =3Dxsrr > -----END PGP SIGNATURE----- > _______________________________________________ > > http://openpgpjs.org > Subscribe/unsubscribe: http://list.openpgpjs.org _______________________________________________ http://openpgpjs.org Subscribe/unsubscribe: http://list.openpgpjs.org
