On Mon, Sep 04, 2000 at 02:27:29PM -0700, kmself@ix.netcom.com wrote: > > A "me-too". I've encountered the same issue. My technical fix has been > to respond: > > It's a GPG signed message in MIME format. Why does it do that and > how can I fix it -- I don't know and I don't care. Here's a dime, > get a real mail client.
mutt signs the message using RFC 2015, but win* mailers are not RFC fscking compliant. and before anyone says `export regs' that is not relevant, supporting RFC 2015 does not require any cryptographic code, it requires crypto to VERIFY the signature NOT to display the plain unencrypted text. > It's been observered that PGP *doesn't* create mime attachments while > GPG does. Despite my ignorant and apathetic inclinations to this wrong, PGP plugins for win* and macos mailers usually just in-line sign the message instead of using the much more reliable RFC 2015. (IME in-line signing gets trashed far too easily which makes the sig not verify) you can turn on RFC 2015 signing in PGP and it will sign the message the exact same way as mutt+GPG do. the PGP/MIME is done by mutt not by GPG. (RFC 2015 is MIME which is the MUAs job not GPG's) the REAL problem is all the broken MUAs and mail clients that do not support RFC 2015, if you use such a mailer tell your vendor to fix this brokenness. > problem, if there is an easy fix to allow GPG signatures without > mime-attaching the content, I'd appreciate data. you want an easy fix, there is none, there is an inconvenient fix, add: ## non mime macro for broken clients macro compose \CP "Fgpg --clearsign\ny" to your ~/.muttrc then after you compose your message turn GPG signing OFF (p, f in mutt) then hit control p and type your passphrase when asked. this will create a in-line GPG signature without the MIME. there are some problems with this: 1) its not automatic in mutt, you must manually enter that command for each and every message. 2) since its not really mutt doing the work you lose the passphrase memory cache, you have to type your passphrase for EVERY SINGLE MESSAGE. if you write alot of mail this gets old fast. 3) in-line signatures are more fragile then the MIME version so your messages are less likely to be verifyable. (sp?) 4) not really your problem but mutt will not auto verify mail signed this way, you can fix this with a procmail recipe however. (available on request) for me i only use the above macro for the (very few) people i am sympathetic to all others get the `get a non-broken client that speaks RFC' as for not signing mail all the time, that defeats the purpose of signing at all, for signing to really be effective it must be uncharacteristic for you to send unsigned mail. (the only time i don't sign it is when sshed from a host i don't entirely trust and not wanting my passphrase to go through it's untrusted keyboard.) BTW: your Mail-Followup-To is still broken: user `karsten' does not exist on my system. -- Ethan Benson http://www.alaska.net/~erbenson/
pgp4773JrFmBF.pgp
Description: PGP signature
