Re: [gpgtools-users] Mail does not validate my own signatures
Hi Alex On Thu, 03 Feb 2011 07:53 +0100, "Alexander Willner" wrote: > On 03.02.2011, at 03:37, Raphael 'kena' Poss wrote: > > I checked with GPGMail disabled (not in the Bundles directory), and I see > > that Mail.app still breaks the content header with GPGMail disabled. So > > this behavior seems not specific to GPGMail. > > Neither it seems to be specific to Apple Mail since I cannot reproduce > this issue (see below). Not sure why your message gets modified - maybe > you've using slightly different mail servers in Mail and Thunderbird? > Does it help to rename Library/Preferences/com.apple.mail.plist and > reconfigure Mail.app? The mail server is the same in Mail and Thunderbird. As another data point, I sniffed the IMAP traffic between Mail and the server, and I also confirm that the content header is on a single line at the point it comes from IMAP into Mail.app. (btw, all these tests are made with Mail 4.4 build 1082.) However you were on the right track. I think I found where the issue lies. Here is the path through the experiment: I tried with another Mac running 10.6.6 and the same Mail build. I configured the same mail server, once over SSL and once over plain IMAP. In both cases, the content header is wrapped. Then I created a blank OS X user account on that other Mac with a virgin Mail install (as you suggested) and there the content header is still wrapped. Then I checked your idea to use a different mail server. I redirected the message to a different e-mail account and I downloaded it using that different account's server on the 2nd Mac. Surprise! Then the header is *not* wrapped. Then I install GPGMail and the signature does validate properly. So I got back to the 1st Mac with GPGMail and I connect to this 2nd e-mail server. Alas, then the header is wrapped again! To summarize: Mac 1Mac 2 Server 1 broken broken Server 2 broken OK Now, I tried to make another blank OS X user account, and I tried again. And then it was, the header was not wrapped in either server 1 nor server 2! That got me thinking and I browsed through the differences between my first test account above and this new one. They were both identical, except for *one* option: "do not keep copies of the messages nor attachments" in Mail's account preferences. I checked all my previous experiments and I can confirm this: in all my situations the content header is wrapped if and only if caching is disabled. Now what to do with that? I certainly don't want to enable caching of my main inbox on any computer. Thanks in advance for any comments or suggestions. -- Raphaël Kena Poss ___ gpgtools-users mailing list gpgtools-users@lists.gpgtools.org FAQ: http://www.gpgtools.org/faq.html Changes: http://lists.gpgtools.org/mailman/listinfo/gpgtools-users Unsubscribe: http://lists.gpgtools.org/mailman/options/gpgtools-users/arch...@mail-archive.com?unsub=Unsubscribe&unsubconfirm=1 This email sent to: arch...@mail-archive.com
Re: [gpgtools-users] Mail does not validate my own signatures
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi Raphaël, tough issue. On 03.02.2011, at 10:09, Raphaël Kena Poss wrote: > I also confirm that the content header is on a single line at the point it > comes from IMAP into Mail.app. and > the content header is wrapped if and only if caching is disabled. So I guess the workflows are: 1. Working: composing mail -> signing it -> sending it -> others can validate it 2. Working?: someone else composes a mail -> signs it -> sends it -> you download this message -> you can validate it (e.g. this mail) 3. Problem: composing mail -> signing it -> sending it -> download your own message -> you can validate it I case that (2) is working I cannot see why (3) doesn't. Assuming you're not using any filters to modify your own mails I guess this might worth a bug report to Apple. Btw: could you sign your reply once? Best regards, Alex -BEGIN PGP SIGNATURE- Version: GnuPG/MacGPG2 v2.0.17 (Darwin) Comment: GPGTools - http://gpgtools.org iEYEARECAAYFAk1Kc5sACgkQ3RyQelD+nTIosACgzCvXTHOP4ZFk17ZP39Ib+35C 5dcAn3CxajAoBcKoYb1Xq2HYnhWREUK1 =h95Q -END PGP SIGNATURE- ___ gpgtools-users mailing list gpgtools-users@lists.gpgtools.org FAQ: http://www.gpgtools.org/faq.html Changes: http://lists.gpgtools.org/mailman/listinfo/gpgtools-users Unsubscribe: http://lists.gpgtools.org/mailman/options/gpgtools-users/arch...@mail-archive.com?unsub=Unsubscribe&unsubconfirm=1 This email sent to: arch...@mail-archive.com
Re: [gpgtools-users] Mail does not validate my own signatures
(and again using PGP/MIME) Hi Raphaël, tough issue. On 03.02.2011, at 10:09, Raphaël “Kena” Poss wrote: > I also confirm that the content header is on a single line at the point it > comes from IMAP into Mail.app. and > the content header is wrapped if and only if caching is disabled. So I guess the workflows are: 1. Working: composing mail -> signing it -> sending it -> others can validate it 2. Working?: someone else composes a mail -> signs it -> sends it -> you download this message -> you can validate it (e.g. this mail) 3. Problem: composing mail -> signing it -> sending it -> download your own message -> you can validate it I case that (2) is working I cannot see why (3) doesn't. Assuming you're not using any filters to modify your own mails I guess this might worth a bug report to Apple. Btw: could you sign your reply once? Best regards, Alex PGP.sig Description: This is a digitally signed message part ___ gpgtools-users mailing list gpgtools-users@lists.gpgtools.org FAQ: http://www.gpgtools.org/faq.html Changes: http://lists.gpgtools.org/mailman/listinfo/gpgtools-users Unsubscribe: http://lists.gpgtools.org/mailman/options/gpgtools-users/arch...@mail-archive.com?unsub=Unsubscribe&unsubconfirm=1 This email sent to: arch...@mail-archive.com
Re: [gpgtools-users] Mail does not validate my own signatures
Op 3 feb 2011, om 10:21 heeft Alexander Willner het volgende geschreven: > So I guess the workflows are: > 1. Working: composing mail -> signing it -> sending it -> others can validate > it > 2. Working?: someone else composes a mail -> signs it -> sends it -> you > download this message -> you can validate it (e.g. this mail) This mail (PGP inline), yes. The other mail (OpenPGP), no. > 3. Problem: composing mail -> signing it -> sending it -> download your own > message -> you can validate it yes > > I case that (2) is working I cannot see why (3) doesn't. Assuming you're not > using any filters to modify your own mails I guess this might worth a bug > report to Apple. > > Btw: could you sign your reply once? sure. -- k PGP.sig Description: Dit deel van het bericht is digitaal ondertekend ___ gpgtools-users mailing list gpgtools-users@lists.gpgtools.org FAQ: http://www.gpgtools.org/faq.html Changes: http://lists.gpgtools.org/mailman/listinfo/gpgtools-users Unsubscribe: http://lists.gpgtools.org/mailman/options/gpgtools-users/arch...@mail-archive.com?unsub=Unsubscribe&unsubconfirm=1 This email sent to: arch...@mail-archive.com
Re: [gpgtools-users] Mail does not validate my own signatures
-BEGIN PGP SIGNED MESSAGE- Hash: RIPEMD160 Op 3 feb 2011, om 10:59 heeft Raphael 'kena' Poss het volgende geschreven: >> 2. Working?: someone else composes a mail -> signs it -> sends it -> you >> download this message -> you can validate it (e.g. this mail) > > This mail (PGP inline), yes. > > The other mail (OpenPGP), no. To clarify: if I leave the message on the server, then PGP inline works and OpenPGP does not. If I download the messages, then both signatures verify. At least for your example e-mails. - -- k -BEGIN PGP SIGNATURE- Version: GnuPG/MacGPG2 v2.0.17 (Darwin) Comment: https://www.biglumber.com/x/web?pk=9B3290AB2972C92BBAFAB69C236E4E505024FAE3 iEYEAREDAAYFAk1KfN0ACgkQRoOteLWdVhqvtACfclqrLRfp4pQqFtUau9UC03DY 0gsAn0CSBU1OvaCe+IFGJdbDKNqdB7ng =Fiex -END PGP SIGNATURE- ___ gpgtools-users mailing list gpgtools-users@lists.gpgtools.org FAQ: http://www.gpgtools.org/faq.html Changes: http://lists.gpgtools.org/mailman/listinfo/gpgtools-users Unsubscribe: http://lists.gpgtools.org/mailman/options/gpgtools-users/arch...@mail-archive.com?unsub=Unsubscribe&unsubconfirm=1 This email sent to: arch...@mail-archive.com
Re: [gpgtools-users] Mail does not validate my own signatures
Hi, On 3 Feb 2011, at 02:37, Raphael 'kena' Poss wrote: > Hi again, > > I think I nailed this bug. Basically, Mail.app improperly changes the MIME > content headers upon receiving from the mail server. In particular, the > following in the signed message body: > > """ > Content-Type: text/plain; charset=us-ascii > """ > > gets changed to: > > """ > Content-Type: text/plain; > charset=us-ascii > """ > > i.e. "charset=..." gets moved to the next line, with a TAB character. [etc] Nothing wrong with that (see RFC 2822). However, the RFC also says: "Each header field should be treated in its unfolded form for further syntactic and semantic evaluation." ie GPGMail should unfold headers before processing further. -- Bob Bishop +44 (0)118 940 1243 r...@gid.co.ukfax +44 (0)118 940 1295 mobile +44 (0)783 626 4518 ___ gpgtools-users mailing list gpgtools-users@lists.gpgtools.org FAQ: http://www.gpgtools.org/faq.html Changes: http://lists.gpgtools.org/mailman/listinfo/gpgtools-users Unsubscribe: http://lists.gpgtools.org/mailman/options/gpgtools-users/arch...@mail-archive.com?unsub=Unsubscribe&unsubconfirm=1 This email sent to: arch...@mail-archive.com
Re: [gpgtools-users] Mail does not validate my own signatures
On 03.02.2011, at 11:01, Raphael 'kena' Poss wrote: > If I download the messages, then both signatures verify. At least for your > example e-mails. Confirmed your issue. Let see what Apple says. I guess: nothing. smime.p7s Description: S/MIME cryptographic signature PGP.sig Description: This is a digitally signed message part ___ gpgtools-users mailing list gpgtools-users@lists.gpgtools.org FAQ: http://www.gpgtools.org/faq.html Changes: http://lists.gpgtools.org/mailman/listinfo/gpgtools-users Unsubscribe: http://lists.gpgtools.org/mailman/options/gpgtools-users/arch...@mail-archive.com?unsub=Unsubscribe&unsubconfirm=1 This email sent to: arch...@mail-archive.com
Re: [gpgtools-users] Mail does not validate my own signatures
Hi, I wrote: > Nothing wrong with that (see RFC 2822). [etc] RFC 2822 is obsolete and I should of course have referenced RFC 5322 which says exactly the same thing. Apologies -- Bob Bishop r...@gid.co.uk ___ gpgtools-users mailing list gpgtools-users@lists.gpgtools.org FAQ: http://www.gpgtools.org/faq.html Changes: http://lists.gpgtools.org/mailman/listinfo/gpgtools-users Unsubscribe: http://lists.gpgtools.org/mailman/options/gpgtools-users/arch...@mail-archive.com?unsub=Unsubscribe&unsubconfirm=1 This email sent to: arch...@mail-archive.com
Re: [gpgtools-users] Mail does not validate my own signatures
On Thu, 03 Feb 2011 11:09 +0100, "Alexander Willner" wrote: > Confirmed your issue. Let see what Apple says. I guess: nothing. Well as Bob notes maybe there is something to do on GPGMail's side as well. Would that also happen? -- Raphaël Kena Poss ___ gpgtools-users mailing list gpgtools-users@lists.gpgtools.org FAQ: http://www.gpgtools.org/faq.html Changes: http://lists.gpgtools.org/mailman/listinfo/gpgtools-users Unsubscribe: http://lists.gpgtools.org/mailman/options/gpgtools-users/arch...@mail-archive.com?unsub=Unsubscribe&unsubconfirm=1 This email sent to: arch...@mail-archive.com
Re: [gpgtools-users] Mail does not validate my own signatures
> Well as Bob notes maybe there is something to do on GPGMail's side as > well. Would that also happen? If someone wants to work on this[1] issue, yes. I think it would not be a huge code change. But our "team" is surprisingly small - so I wouldn't expect to see a fix any time soon. But I've the feeling that you would be able to help here ;) Best regards, Alex [1] http://gpgtools.lighthouseapp.com/projects/65764/tickets/125 On 03.02.2011, at 12:24, Raphaël Kena Poss wrote: > > > On Thu, 03 Feb 2011 11:09 +0100, "Alexander Willner" > wrote: >> Confirmed your issue. Let see what Apple says. I guess: nothing. > > Well as Bob notes maybe there is something to do on GPGMail's side as > well. Would that also happen? > -- > Raphaël Kena Poss > > ___ > gpgtools-users mailing list > gpgtools-users@lists.gpgtools.org > FAQ: http://www.gpgtools.org/faq.html > Changes: http://lists.gpgtools.org/mailman/listinfo/gpgtools-users > Unsubscribe: > http://lists.gpgtools.org/mailman/options/gpgtools-users/a...@willner.ws?unsub=Unsubscribe&unsubconfirm=1 > > This email sent to: a...@willner.ws smime.p7s Description: S/MIME cryptographic signature PGP.sig Description: This is a digitally signed message part ___ gpgtools-users mailing list gpgtools-users@lists.gpgtools.org FAQ: http://www.gpgtools.org/faq.html Changes: http://lists.gpgtools.org/mailman/listinfo/gpgtools-users Unsubscribe: http://lists.gpgtools.org/mailman/options/gpgtools-users/arch...@mail-archive.com?unsub=Unsubscribe&unsubconfirm=1 This email sent to: arch...@mail-archive.com
Re: [gpgtools-users] Mail does not validate my own signatures
Header is wrapped on my system with caching enabled in mail. [10.6.6 up to date] On Feb 3, 2011, at 4:09 AM, Raphaël Kena Poss wrote: > Hi Alex > > On Thu, 03 Feb 2011 07:53 +0100, "Alexander Willner" > wrote: >> On 03.02.2011, at 03:37, Raphael 'kena' Poss wrote: >>> I checked with GPGMail disabled (not in the Bundles directory), and I see >>> that Mail.app still breaks the content header with GPGMail disabled. So >>> this behavior seems not specific to GPGMail. >> >> Neither it seems to be specific to Apple Mail since I cannot reproduce >> this issue (see below). Not sure why your message gets modified - maybe >> you've using slightly different mail servers in Mail and Thunderbird? >> Does it help to rename Library/Preferences/com.apple.mail.plist and >> reconfigure Mail.app? > > The mail server is the same in Mail and Thunderbird. As another data > point, I sniffed the IMAP traffic between Mail and the server, and I > also confirm that the content header is on a single line at the point it > comes from IMAP into Mail.app. > > (btw, all these tests are made with Mail 4.4 build 1082.) > > However you were on the right track. I think I found where the issue > lies. Here is the path through the experiment: > > I tried with another Mac running 10.6.6 and the same Mail build. I > configured the same mail server, once over SSL and once over plain IMAP. > In both cases, the content header is wrapped. > > Then I created a blank OS X user account on that other Mac with a virgin > Mail install (as you suggested) and there the content header is still > wrapped. > > Then I checked your idea to use a different mail server. I redirected > the message to a different e-mail account and I downloaded it using that > different account's server on the 2nd Mac. Surprise! Then the header is > *not* wrapped. Then I install GPGMail and the signature does validate > properly. > > So I got back to the 1st Mac with GPGMail and I connect to this 2nd > e-mail server. Alas, then the header is wrapped again! > > To summarize: > > Mac 1Mac 2 > Server 1 broken broken > Server 2 broken OK > > Now, I tried to make another blank OS X user account, and I tried again. > And then it was, the header was not wrapped in either server 1 nor > server 2! > > That got me thinking and I browsed through the differences between my > first test account above and this new one. They were both identical, > except for *one* option: "do not keep copies of the messages nor > attachments" in Mail's account preferences. > > I checked all my previous experiments and I can confirm this: in all my > situations the content header is wrapped if and only if caching is > disabled. > > Now what to do with that? I certainly don't want to enable caching of my > main inbox on any computer. > > Thanks in advance for any comments or suggestions. > -- > Raphaël Kena Poss > > ___ > gpgtools-users mailing list > gpgtools-users@lists.gpgtools.org > FAQ: http://www.gpgtools.org/faq.html > Changes: http://lists.gpgtools.org/mailman/listinfo/gpgtools-users > Unsubscribe: > http://lists.gpgtools.org/mailman/options/gpgtools-users/james.cut...@consultant.com?unsub=Unsubscribe&unsubconfirm=1 > > This email sent to: james.cut...@consultant.com James R. Cutler james.cut...@consultant.com ___ gpgtools-users mailing list gpgtools-users@lists.gpgtools.org FAQ: http://www.gpgtools.org/faq.html Changes: http://lists.gpgtools.org/mailman/listinfo/gpgtools-users Unsubscribe: http://lists.gpgtools.org/mailman/options/gpgtools-users/arch...@mail-archive.com?unsub=Unsubscribe&unsubconfirm=1 This email sent to: arch...@mail-archive.com