Hi Enigmail folks-- When I send encrypted e-mail with Enigmail and i choose to protect the Subject, it inserts a text/rfc822-headers part that i've been calling "legacy-display" (we used to call it "force-display", but i think that was a misnomer, since protected-header-aware clients do *not* display it).
I believe the intent of that part is to render any protected headers to
recipients who use legacy clients that are capable of decryption, but
not capable of parsing the protected headers found directly in the
cryptographic payload itself.
Currently, enigmail puts From, To, Cc, and Subject in that
legacy-display part.
If the point of the part is just to display things that might otherwise
be hidden when viewing the message with a legacy client, i think it is
only appropriate to put the Subject: in there. Otherwise, the
additional non-protected fields (From:, To:, and Cc:) are redundant with
those seen from outside the message.
I've seen this cause confusion for people who say that they think that
they've received a forwarded message or something like that. If the
legacy-display part only contained the Subject: line (and that line
differed from the outside subject), then i think it would be clearer to
those users that what they're seeing is the intended subject, rather
than a full-blown forwarded message.
I've proposed this change with a patch on the enigmail-2.0-branch here:
https://gitlab.com/enigmail/enigmail/merge_requests/38
I notice that the master branch no longer emits the legacy-display part;
it was removed in a7784d695d105ba210c77220ffcdc6fa83d25a85, due to the
confusion that it causes, according to the commit message, so this
change doesn't apply to the master branch.
Shipping no legacy-display part at all (as the master branch does) means
that a protected Subject header of an encrypted message will be
completely invisible to a message recipient using a legacy client
capable of decryption but incapable of parsing protected headers.
Pretty much every day i receive messages that would be uninterpretable
if i could not read their Subject: line, so i'm not comfortable
suggesting that drop legacy-display from the stable enigmail 2.0 branch
entirely, but i think the minimization proposed in MR 38 is a good way
to reduce the confusion that motivated their removal on master.
--dkg
signature.asc
Description: PGP signature
_______________________________________________ enigmail-users mailing list enigmail-users@enigmail.net To unsubscribe or make changes to your subscription click here: https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
