On 10/04/2011 05:11 AM, David Smith wrote: > Possibly a bit off-topic, but... > > Does anyone have any experience of using an MS Exchange server, where it > corrupts PGP-MIME emails by re-encoding the encrypted data in base64? > > If I'm going to complain to our local IT about it, I need some hard > evidence about how it's breaking the PGP-MIME RFC. > > I've attached an example of a mail before and after it's been through > exchange - I've put it in a .tgz to stop any modification by mailservers > en route.
https://tools.ietf.org/html/rfc1847#page-4 suggests that: The entire contents of the multipart/signed container must be treated as opaque while it is in transit from an originator to a recipient. Intermediate message transfer agents must not alter the content of a multipart/signed in any way, including, but not limited to, changing the content transfer encoding of the body part or any of its encapsulated body parts. But the example messages you gave are not multipart/signed -- they're encrypted messages, which are ascii-armored (base64-encoded) blobs in the first place, which are being re-wrapped in another layer of base64. Given that compliant MUAs should strip off the outer layer of base64 before handing the message, i don't think this should be a problem. I'd be more concerned with their switch from Content-Disposition: inline to Content-Disposition: attachment, which seems likely to make compliant MUAs not want to pass the message to an inline renderer at all. --dkg
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
