Kevin J. McCarthy wrote: > David Champion wrote: > > > If the signature was checked, I think it would be useful to keep this > > > information at the same time the attachment is deleted. > > > > It looks like I forgot to post part of my thinking: when taking > > action that invalidates a signature, we should change the signature > > to application/invalidated-pgp-signature or somesuch (and leave the > > signature content as-is). Then they can delete the sig if they wish. > > Determining the applicable signatures could be... interesting when > more than one is involved (e.g. nested forwarded signed emails with > attachments). I wonder if the effort is worth it? > > On the other hand, simply printing a warning that the signature may be > invalidated when any attachment is deleted (if the SIGN or PARTSIGN bit > is set in the header) seems comparatively easy. The attached patch > seems to work.
Hi David and Vincent, What are your feelings about just printing the warning for now? While both your suggestions have merit, I think there's quite a bit more work involved in them, and it would be a shame to let this request languish because of that. Nothing prevents adding additional functionality to this later. -Kevin
signature.asc
Description: PGP signature
