I have a bug report from a notmuch user that notmuch is unable to verify
the signature on a message with the following mime structure

└┬╴multipart/signed 29717 bytes
 ├┬╴multipart/related 18125 bytes
 │├┬╴multipart/alternative 14402 bytes
 ││├─╴text/plain 2766 bytes
 ││└─╴text/html 11223 bytes
 │└─╴image/jpeg [image001.jpg] 3372 bytes
 └─╴application/pkcs7-signature attachment [smime.p7s] 6979 bytes

The problem seems to be that the outer Content-Type declares

Content-Type: multipart/signed;

while the actual signature part has

Content-Type: application/pkcs7-signature;

gmime quite correctly reports this as a mismatch, but I wonder if it
should be a tolerated mismatch? I saw there is already some attempt in
gmime to alias the two content-types, but I didn't follow the scope of
that aliasing.

Unfortunately I cannot share the message in question, but if needed I
could try to make an artificial test message with the same issue.

All the best,


notmuch mailing list -- notmuch@notmuchmail.org
To unsubscribe send an email to notmuch-le...@notmuchmail.org

Reply via email to