[Evolution-hackers] Post-1.0 PGP wishlist (was Re: [Evolution] pgp unusable?)

2001-11-30 Thread Eric Kidd

On Thu, 2001-11-29 at 15:33, Jeffrey Stedfast wrote:
> THIS IS A BUG IN GPG!
>
> gpg tells us everything went fine, so Evolution has no way of knowing
> that it didn't encrypt to all the recipients we told it to encrypt to,
> thus it's not our fault.

Yuck.  There's actually several of these bugs, probably all in GPG.

1) Mail to people with unsigned keys silently encrypts to the sender
only.
2) Signature verification of unvalidated keys shows a big success icon
(but the accompanying text warns about the problem).
3) I *think* that e-mail to people without keys also encrypts to sender
only.

Anyway, I'm a fairly intensive GPG user, so I have a few features on a
wishlist.  All of these are security-related.

A) The ability to save a passphrase for (say) 10 minutes without saving
it indefinitely.  This lets me read mail without endlessly retyping my
(really long) passphrase, but doesn't allow me to accidentally save it
when I walk away from the computer for a few hours.

B) The ability to encrypt all mail to certain addresses by default. 
There are several people to whom I should *always* encrypt my e-mail,
for security reasons.  But every once in a while, I'll forget to check
the box on the menu.  Very, very bad.

C) The option to encrypt all responses to encrypted e-mail.  If somebody
sent me something encrypted, it's presumably private.  But if Evolution
quotes the original message in my reply, and I forget to check the menu
box, I'm screwed.

I've convinced Mutt to handle cases (B) and (C).  But Evolution is a much
nicer mailer than Mutt, and I'd like to be able to use it without taking
quite so many security risks.

I'm a US citizen, so I don't know if I can contribute code to this
effort.  But if it were legal for me to do so, I'd be more than happy to
help.

Thank you for all your cool PGP-hackery.

Cheers,
Eric


___
evolution-hackers maillist  -  [EMAIL PROTECTED]
http://lists.ximian.com/mailman/listinfo/evolution-hackers
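
One way a mail client could catch the silent sender-only encryption described in the message above, as an added example (not code from the thread, Evolution or GnuPG): compare the key IDs actually present in the ciphertext with the intended recipients instead of trusting gpg's exit status. It assumes the `--status-fd` keywords documented in current GnuPG's doc/DETAILS; the function names, addresses and key IDs are constructed.

```python
# Added example. Status keywords (ENC_TO, INV_RECP) follow GnuPG's
# doc/DETAILS; everything else here is constructed for illustration.

INV_RECP_REASONS = {          # subset of the documented reason codes
    "0": "no specific reason given",
    "1": "key not found",
    "4": "key revoked",
    "5": "key expired",
    "10": "key not trusted",
}
HIDDEN_KEYID = "0" * 16       # key ID written for hidden recipients


def parse_status(text):
    """Yield (keyword, args) for every '[GNUPG:] KEYWORD args...' line."""
    for line in text.splitlines():
        fields = line.split()
        if len(fields) >= 2 and fields[0] == "[GNUPG:]":
            yield fields[1], fields[2:]


def audit_encryption(encrypt_status, cipher_status, intended):
    """Compare what was requested with what the ciphertext contains.

    encrypt_status: status output captured while encrypting
    cipher_status:  status output from listing the finished ciphertext
                    (assumed: gpg --status-fd 1 --list-only --decrypt FILE)
    intended:       {address: long key ID of that recipient's encryption
                    (sub)key}, since ENC_TO names the key that was used
    """
    # Recipients gpg itself said it could not use.
    rejected = {}
    for keyword, args in parse_status(encrypt_status):
        if keyword == "INV_RECP" and len(args) >= 2:
            rejected[args[1]] = INV_RECP_REASONS.get(args[0], "reason " + args[0])

    # Keys the ciphertext is really encrypted to.
    actual = {args[0].upper() for keyword, args in parse_status(cipher_status)
              if keyword == "ENC_TO" and args}
    wanted = {keyid.upper(): addr for addr, keyid in intended.items()}

    missing = sorted(addr for keyid, addr in wanted.items() if keyid not in actual)
    unexpected = sorted(actual - set(wanted) - {HIDDEN_KEYID})
    hidden = HIDDEN_KEYID in actual   # cannot be matched to anyone: fail closed
    return {
        "rejected": rejected,
        "missing": missing,
        "unexpected": unexpected,
        "hidden": hidden,
        "ok": not (rejected or missing or unexpected or hidden),
    }


# Constructed sample: alice (the sender) asked for herself and bob.
INTENDED = {"alice@example.org": "AAAAAAAAAAAAAAA1",
            "bob@example.org": "BBBBBBBBBBBBBBB2"}

# gpg reported nothing unusual while encrypting ...
CLEAN_ENCRYPT_STATUS = "[GNUPG:] BEGIN_ENCRYPTION 2 9\n[GNUPG:] END_ENCRYPTION\n"
# ... but the ciphertext only carries a session key packet for alice.
SENDER_ONLY_CIPHER = "[GNUPG:] ENC_TO AAAAAAAAAAAAAAA1 1 0\n"
BOTH_CIPHER = SENDER_ONLY_CIPHER + "[GNUPG:] ENC_TO BBBBBBBBBBBBBBB2 1 0\n"
# A gpg that does report the untrusted key.
REJECTING_ENCRYPT_STATUS = "[GNUPG:] INV_RECP 10 bob@example.org\n"

if __name__ == "__main__":
    report = audit_encryption(CLEAN_ENCRYPT_STATUS, SENDER_ONLY_CIPHER, INTENDED)
    print("send" if report["ok"] else "refuse to send:", report)
```

A client would refuse to send whenever `ok` is false, so an untrusted or missing key becomes a visible error rather than a message only the sender can read.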



Re: [Evolution] pgp unusable?

2001-11-30 Thread Jeffrey Stedfast

On Thu, 2001-11-29 at 22:39, Thomas O'Dowd wrote:
 
> Evolution currently has problems verifying inline PGP signed messages
> from mailers when they are qp'd by a gateway along the way. Mutt doesn't
> have that problem so I'm suggesting being liberal (as it is inline pgp
> anyway) and unencode first then verify which is what other mailers seem to do.

We *do* decode the text before trying to verify the signature.

 
> With regards to sending 8bit signed inline pgp emails, I haven't tested
> what is the best thing to do yet, but it looks like sign and then qp
> is what will work with most email clients. I'm sure there are loads
> of people who'll appreciate it if we get this working with the big
> email clients. I don't have direct access to other windows clients but
> I'll hand create some test emails to friends and see what works.

Based on the fact that you thought evolution *didn't* decode the text
before verifying, when it actually does - I assume that the correct way
is actually the opposite of what you say ;-)

here we are again at the who's right and who's wrong? argument. It's a
guessing game, like I already said. And you can never win guessing
games. Period.

If you want this feature, send me a patch. This way if it doesn't always
work, no one can point the finger at me. I don't want to deal with it.
PGP/MIME has gotten enough complaints because other mailers didn't do
*it* right, do you really think that they can all get in-line pgp right
if they can't get PGP/MIME right? Didn't think so.

I declare this the end of the thread, any further emails will be
redirected to /dev/null

Jeff

-- 
Jeffrey Stedfast
Evolution Hacker - Ximian, Inc.
[EMAIL PROTECTED]  - www.ximian.com


___
evolution maillist  -  [EMAIL PROTECTED]
http://lists.ximian.com/mailman/listinfo/evolution



[Evolution-hackers] Re: [Evolution] pgp unusable?

2001-11-29 Thread Levente Farkas

Jeffrey Stedfast wrote:
 
> On Thu, 2001-11-29 at 05:25, Levente Farkas wrote:
> > hi,
> > and at last gpg simple unusable with evolution. when I try send an encrypted
> > mail with evo (I have to go to the menu and click on a menu item, it
> > would be much simpler if I able to check it somewhere within the
> > composer window and I always be able to see whether it will be encrypted
> > or not). so after I send a mail it put into the sent mail encrypted with
> > my public key (which is ok), BUT evo send it to the others too!!
> > the mail which was send to the recipients should have to be encrypted
> > the recipients' public key (since they don't have my private key:-)
> > even I try to switch off tools/mail settings/edit/security/
> > Always encrypt to myself when sending encrypted mail
> > the thing just getting worse since if any error occur during pgp evo.
> > don't send mail.
> > again try to look at pine (and in this case others using outlook can
> > read you encrypted messages) which send inline non multipart and correctly
> > encrypted (others with their public key, into sent folder with your
> > public key) mails.
> > I even try to play with .gnupg/options:
> > encrypt-to [EMAIL PROTECTED]
> > default-key [EMAIL PROTECTED]
> > both works with pine but neither with evo (I try to comment/uncomment
> > both line).
>
> It works for me... although someone reported a bug saying that when a
> recipient's gpg key is not signed, when sending them encrypted mail, it
> only encrypts to the sender's key.

yes it's true the recipient's gpg key is not signed!

> THIS IS A BUG IN GPG!

in this case it should have to report to gpg

> gpg tells us everything went fine, so Evolution has no way of knowing
> that it didn't encrypt to all the recipients we told it to encrypt to,
> thus it's not our fault.
>
> How is your pine configured to use gpg? does it pass the --always-trust
> argument to gpg? I didn't make Evolution do that because I figured it
> might be considered bad, but I think other mail clients might be doing
> that.

there is a -at option which is not in the manual but I assume it is the
same as --always-trust.

> > another thing about gpg. I read the page
> >
http://support.ximian.com/cgi-bin/ximian.cfg/php/enduser/faq.php?p_sid=I-nT5o1gp_lva=p_li=p_gridsort=p_row_cnt=27p_prod_lvl1=2p_page=3p_page2=1#q-25
> > which simple not true! that way evo sign/encrypt mail is a standard way,
> > but not the only one. the way like pine do inline pgp message would be
> > very simple to implement and can be readable by other mailers like
> > pine, netscape, outlook, eudora. these mailer are the biggest part of
> > the world. I agree with you that the default should have to be the standard
> > way but usability is another and very important reason (that's why so
> > many people use kde:-(()
>
> In-line pgp mode is a broken way to do it - so many things can go
> wrong. Should I first QP/Base64 encode the text before signing? or
> should I do it afterward? Do I From-escape before? afterward? ever? Do I
> CRLF encode before signing?

do what most inline mailer do! if you already non-standard then try to be
the most usable.

> No mailer does it the same, they all have their own pseudo-standard way
> of doing it. That is why we don't do it, because it's broken.

but most mailer support it and the current case almost unusable since
just other evo user can use read my mails:-( at least an option to
use the non-standard inline version would be useful.

-- Levente  http://petition.eurolinux.org/index_html
The only thing worse than not knowing the truth is
 ruining the bliss of ignorance.




[Evolution-hackers] Re: [Evolution] pgp unusable?

2001-11-29 Thread Jeffrey Stedfast

On Thu, 2001-11-29 at 05:25, Levente Farkas wrote:
> hi,
> and at last gpg simple unusable with evolution. when I try send an encrypted
> mail with evo (I have to go to the menu and click on a menu item, it
> would be much simpler if I able to check it somewhere within the
> composer window and I always be able to see whether it will be encrypted
> or not). so after I send a mail it put into the sent mail encrypted with
> my public key (which is ok), BUT evo send it to the others too!!
> the mail which was send to the recipients should have to be encrypted
> the recipients' public key (since they don't have my private key:-)
> even I try to switch off tools/mail settings/edit/security/
> Always encrypt to myself when sending encrypted mail
> the thing just getting worse since if any error occur during pgp evo.
> don't send mail.
> again try to look at pine (and in this case others using outlook can
> read you encrypted messages) which send inline non multipart and correctly
> encrypted (others with their public key, into sent folder with your
> public key) mails.
> I even try to play with .gnupg/options:
> encrypt-to [EMAIL PROTECTED]
> default-key [EMAIL PROTECTED]
> both works with pine but neither with evo (I try to comment/uncomment
> both line).

It works for me... although someone reported a bug saying that when a
recipient's gpg key is not signed, when sending them encrypted mail, it
only encrypts to the sender's key. 

THIS IS A BUG IN GPG!

gpg tells us everything went fine, so Evolution has no way of knowing
that it didn't encrypt to all the recipients we told it to encrypt to,
thus it's not our fault.

How is your pine configured to use gpg? does it pass the --always-trust
argument to gpg? I didn't make Evolution do that because I figured it
might be considered bad, but I think other mail clients might be doing
that.

 
> another thing about gpg. I read the page
>
http://support.ximian.com/cgi-bin/ximian.cfg/php/enduser/faq.php?p_sid=I-nT5o1gp_lva=p_li=p_gridsort=p_row_cnt=27p_prod_lvl1=2p_page=3p_page2=1#q-25
> which simple not true! that way evo sign/encrypt mail is a standard way,
> but not the only one. the way like pine do inline pgp message would be
> very simple to implement and can be readable by other mailers like
> pine, netscape, outlook, eudora. these mailer are the biggest part of
> the world. I agree with you that the default should have to be the standard
> way but usability is another and very important reason (that's why so
> many people use kde:-(()

In-line pgp mode is a broken way to do it - so many things can go
wrong. Should I first QP/Base64 encode the text before signing? or
should I do it afterward? Do I From-escape before? afterward? ever? Do I
CRLF encode before signing?

No mailer does it the same, they all have their own pseudo-standard way
of doing it. That is why we don't do it, because it's broken.

You could try implementing in-line pgp and sending us a patch.

Jeff





[Evolution-hackers] Re: [Evolution] pgp unusable?

2001-11-29 Thread Dan Winship

> The problem is that you guys don't fully understand the problem, to you
> it sounds as simple as just pipe it to pgp or gpg and whallah but it's
> not that simple. Well, not if you expect the other end to be able to
> verify your signatures at least. Sure, I could just pipe to pgp/gpg, but
> if the other end can't verify the signature, what good is it?

People have been just piping it to pgp for a decade. It Just Works
most of the time. Really.

-- Dan




Re: [Evolution] pgp unusable?

2001-11-29 Thread Jeffrey Stedfast

On Thu, 2001-11-29 at 20:15, Thomas O'Dowd wrote:
> It takes care of escaping the ^From  for you so you don't have to
> worry about it.

That's nice, but it doesn't take care of QP encoding it and I'm not too
sure that it CRLF encodes it either.

Jeff

-- 
Jeffrey Stedfast
Evolution Hacker - Ximian, Inc.
[EMAIL PROTECTED]  - www.ximian.com





Re: [Evolution] pgp unusable?

2001-11-29 Thread Thomas O'Dowd

On Thu, Nov 29, 2001 at 08:33:42PM -0500, Jeffrey Stedfast wrote:
> On Thu, 2001-11-29 at 20:15, Thomas O'Dowd wrote:
> > It takes care of escaping the ^From  for you so you don't have to
> > worry about it.
>
> That's nice, but it doesn't take care of QP encoding it and I'm not too
> sure that it CRLF encodes it either.

Hi Jeff,

the -t option on pgp takes care of the crlf issue for you. With respect
to the quoted printable, you sign first, then if you want everything 7bit
clean you qp it. The receiving mailers will unqp it first if the header is
there. Unfortunately for evolution, you don't do this so the signature 
won't validate. I would argue that evolution is wrong in this case. You
might argue that this is exactly the problem with one mailer doing this
and the other mailer doing something else, but I think this is the only
rule that actually makes sense. (ie, unqp and then validate or sign and
then qp depending on which way you are going)

Take the example where your mta server accepts 8bit and the mailer
pgp signs your message leaving it as 8bit. If it goes 8bit all the
way to the receiver there is no problem. Then, there is the problem
where an intermediary mta will decide to translate your 8bit mail
to qp. This is pretty normal, it will add the quoted-printable header
and your mailer will receive the mail. If they don't unqp it first
then pgp won't validate, which is why the majority of mailers handling
inline pgp, unqp first before passing it to pgp for validation. I
think evolution is doing the wrong thing here.

Tom.
-- 
Thomas O'Dowd. - Nooping - http://nooper.com
[EMAIL PROTECTED] - Testing - http://nooper.co.jp/labs




Re: [Evolution] pgp unusable?

2001-11-29 Thread Jeffrey Stedfast

On Thu, 2001-11-29 at 21:27, Thomas O'Dowd wrote:
> On Thu, Nov 29, 2001 at 08:33:42PM -0500, Jeffrey Stedfast wrote:
> > On Thu, 2001-11-29 at 20:15, Thomas O'Dowd wrote:
> > > It takes care of escaping the ^From  for you so you don't have to
> > > worry about it.
> >
> > That's nice, but it doesn't take care of QP encoding it and I'm not too
> > sure that it CRLF encodes it either.
>
> Hi Jeff,
>
> the -t option on pgp takes care of the crlf issue for you. With respect
> to the quoted printable, you sign first, then if you want everything 7bit
> clean you qp it. The receiving mailers will unqp it first if the header is
> there. Unfortunately for evolution, you don't do this so the signature
> won't validate. I would argue that evolution is wrong in this case. You
> might argue that this is exactly the problem with one mailer doing this
> and the other mailer doing something else, but I think this is the only
> rule that actually makes sense. (ie, unqp and then validate or sign and
> then qp depending on which way you are going)
>
> Take the example where your mta server accepts 8bit and the mailer
> pgp signs your message leaving it as 8bit. If it goes 8bit all the
> way to the receiver there is no problem. Then, there is the problem
> where an intermediary mta will decide to translate your 8bit mail
> to qp. This is pretty normal, it will add the quoted-printable header
> and your mailer will receive the mail. If they don't unqp it first
> then pgp won't validate, which is why the majority of mailers handling
> inline pgp, unqp first before passing it to pgp for validation. I
> think evolution is doing the wrong thing here.

You might try reading rfc2015 before saying Evolution does the wrong
thing, rfc2015 (PGP/MIME) specifies that the client MUST QP/Base64
encode the content before signing.

So no, we are not wrong at all.

Jeff

 
> Tom.
> --
> Thomas O'Dowd. - Nooping - http://nooper.com
> [EMAIL PROTECTED] - Testing - http://nooper.co.jp/labs
>
> ___
> evolution maillist  -  [EMAIL PROTECTED]
> http://lists.ximian.com/mailman/listinfo/evolution
-- 
Jeffrey Stedfast
Evolution Hacker - Ximian, Inc.
[EMAIL PROTECTED]  - www.ximian.com





Re: [Evolution] pgp unusable?

2001-11-29 Thread Thomas O'Dowd

On Thu, Nov 29, 2001 at 08:10:15PM -0500, Jeffrey Stedfast wrote:
> On Thu, 2001-11-29 at 19:50, Thomas O'Dowd wrote:
> > On Thu, Nov 29, 2001 at 03:33:32PM -0500, Jeffrey Stedfast wrote:
> > >
> > > In-line pgp mode is a broken way to do it - so many things can go
> > > wrong. Should I first QP/Base64 encode the text before signing? or
> > > should I do it afterward? Do I From-escape before? afterward? ever? Do I
> > > CRLF encode before signing?
> >
> > Sure, it's broken but everyone does it. I've had to do it for ages now
> > because my windows loving friends have too much trouble reading the
> > standard. Anyway, I don't quite see the problems that you see with
> > implementing it at least not with pgp. I've never used gpg so I don't
> > know about it. Here are some answers to your questions.
> >
> > to just encrypt
> >
> >  mailtext | pgp +verbose=0 +encrypttoself +batchmode -feat RECEIVERS
> >
> > or to sign and encrypt
> >
> >  mailtext | pgp +verbose=0 +encrypttoself +batchmode -feast RECEIVERS
> >
> > If you do this then, it will sign, encrypt, handle the line feeds and
> > encode everything in the correct order. About From escaping, why would
> > you ever do it in a client? It is only a storage requirement for mbox
> > mail spools. If you are talking about archival in the sent folder, then
> > you never have to worry about that with PGP encrypted text as you won't
> > find the combo ^From  in the encoded text.
>
> I wasn't talking about encrypting...obviously with encrypting I don't
> have to worry about the problems I mentioned, but I *do* have to worry
> about them when I am just signing the text.
>
> The reason the client should do From-escaping when signing is to make it
> so that the client on the other end doesn't have to From-escape. Why
> would you wanna do that? Because if the other end has to From-escape
> (because it uses mbox or something), then it won't be able to verify the
> signature.
>
> the PGP/MIME specification suggests that clients do this, but seeing as
> how there isn't a spec for doing it in-line - who's to say what you
> should and shouldn't do?
>
> The problem is that you guys don't fully understand the problem, to you
> it sounds as simple as just pipe it to pgp or gpg and whallah but it's
> not that simple. Well, not if you expect the other end to be able to
> verify your signatures at least. Sure, I could just pipe to pgp/gpg, but
> if the other end can't verify the signature, what good is it?

Hi Jeff,

Good point but if you tried it you would see... that you also don't
need to worry about it at least with PGP 6.5.8.

I've indented this example:

    $ cat > test << EOF
    this is a test
    From me
    to you
    EOF

Now let's pgp sign it and see what we get...

    $ pgp -ast test
    $ cat test.asc
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    this is a test
    - From me
    to you

    -----BEGIN PGP SIGNATURE-----
    Version: PGP 6.5.8

    iQA/AwUBPAbdiAVmK8O1hNViEQIC0ACgpjndfv9DftJq3z47a1K8IdQt39oAn2GF
    Mt0EzASefhVVmqqzmz8HNPI4
    =E7Jh
    -----END PGP SIGNATURE-----

It takes care of escaping the ^From  for you so you don't have to
worry about it.

Tom.
-- 
Thomas O'Dowd. - Nooping - http://nooper.com
[EMAIL PROTECTED] - Testing - http://nooper.co.jp/labs
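
The two behaviours argued over in this thread, the dash-escaping of `From ` lines shown in the message above and the "sign, then QP / un-QP, then verify" ordering for inline signatures, as an added sketch that is not code from the thread or from Evolution, PGP or GnuPG. A SHA-256 digest over the canonical text stands in for a real signature, and all function names and the sample body are constructed.

```python
import hashlib
import quopri


def dash_escape(text):
    """Prefix '- ' to lines starting with '-' or 'From ' (cleartext framing)."""
    out = []
    for line in text.split("\n"):
        if line.startswith("-") or line.startswith("From "):
            line = "- " + line
        out.append(line)
    return "\n".join(out)


def dash_unescape(text):
    """Undo dash_escape before hashing; the escapes are not signed."""
    return "\n".join(l[2:] if l.startswith("- ") else l
                     for l in text.split("\n"))


def signed_bytes(text):
    """Canonical form the hash covers: trailing blanks stripped, CRLF ends."""
    lines = [l.rstrip(" \t") for l in text.splitlines()]
    return "\r\n".join(lines).encode("utf-8")


def digest(text):
    """Stand-in for the signature: SHA-256 over the canonical text."""
    return hashlib.sha256(signed_bytes(text)).hexdigest()


def mbox_quote(text):
    """What an mbox store does to body lines that look like a separator."""
    return "\n".join(">" + l if l.startswith("From ") else l
                     for l in text.split("\n"))


def verify_inline(received, cte, expected, decode_first=True):
    """Receiver side: optionally undo the transfer encoding, then check."""
    body = received
    if decode_first and cte == "quoted-printable":
        body = quopri.decodestring(body)
    return digest(dash_unescape(body.decode("utf-8"))) == expected


# Constructed sample: 8-bit text with a line an mbox store would rewrite.
BODY = "Gr\u00fc\u00dfe, this is a test\nFrom me\nto you"
SIG = digest(BODY)                              # computed before any encoding
WIRE_8BIT = dash_escape(BODY).encode("utf-8")   # what the sender submits
WIRE_QP = quopri.encodestring(WIRE_8BIT)        # after a gateway re-encodes it

if __name__ == "__main__":
    print("8bit all the way:     ", verify_inline(WIRE_8BIT, "8bit", SIG))
    print("QP, decoded first:    ",
          verify_inline(WIRE_QP, "quoted-printable", SIG))
    print("QP, hashed as received:",
          verify_inline(WIRE_QP, "quoted-printable", SIG, decode_first=False))
    print("mbox rewrite without dash-escape breaks it:",
          digest(mbox_quote(BODY)) != SIG)
```

The CRLF question raised in the thread is covered by `signed_bytes`: the same text with LF or CRLF line endings hashes identically once canonicalised.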




Re: [Evolution] pgp unusable?

2001-11-29 Thread Jeffrey Stedfast

...and if you're on DOS, piping it to pgp has text in the canonical
CRLF format, whereas in Unix it doesn't.

Also, if the text contains 8bit text, do we QP encode before or after we
sign it? If we QP encode before, will the other mailer know to feed the
encoded text to pgp? Or will it assume that it's supposed to feed the
decoded text to pgp?

Same applies to QP encoding it afterward.

You just can't win.

Jeff

On Thu, 2001-11-29 at 20:14, Dan Winship wrote:
> > The problem is that you guys don't fully understand the problem, to you
> > it sounds as simple as just pipe it to pgp or gpg and whallah but it's
> > not that simple. Well, not if you expect the other end to be able to
> > verify your signatures at least. Sure, I could just pipe to pgp/gpg, but
> > if the other end can't verify the signature, what good is it?
>
> People have been just piping it to pgp for a decade. It Just Works
> most of the time. Really.
>
> -- Dan
>
> ___
> evolution maillist  -  [EMAIL PROTECTED]
> http://lists.ximian.com/mailman/listinfo/evolution
-- 
Jeffrey Stedfast
Evolution Hacker - Ximian, Inc.
[EMAIL PROTECTED]  - www.ximian.com

