Hey all, not meaning to spark up new discussions about this issue (we've had that before). But I really think, the energy invested in this discussion would be better invested in writing mailman tweaks.
Also, someone mentioned, that there already in fact *is* a mailman patch for PGP/MIME to work properly? Do I recall that memory correctly? I'm stunned that this issue keeps coming up. http://www.gnu.org/software/mailman/ says Mailman 2.1.15 has been released on 13-June-2012. Is the patch in question included in that release? Imo, things should rather move forward than stagnate and arguing that a mailing list software breaks PGP/MIME is fine. But as a consequence arguing for a non documented standard (OpenPGP Inline) is strange. I'd rather argue, that mailman needs a fix. Let's not start a war over this. But could someone please elaborate why mailman after such a long time still breaks PGP/MIME? All the best and kind regards, steve Am 29.06.2012 um 17:48 schrieb Robert J. Hansen: > On 06/29/2012 08:06 AM, Brad Rogers wrote: >>> If you ask on Enigmail mailing list, they will tell you that that >>> issue is with Mailman (or other mailing list software) which messes up >>> with headers and makes PGP/MIME unverifiable. They will also say that >> >> Headers are outside what is signed, surely? > > Mika is more or less right, except it isn't headers -- it's the PGP/MIME > attachment separator. Mailman makes a very slight tweak and that's > enough to bollix up the signature. > > This mailing list does not play nice with PGP/MIME, the last time I > checked. (For a long time Enigmail's list didn't, either, but that > problem has since been fixed.) In general, PGP/MIME with GNU Mailman is > always a roll of the dice. > > <begin speaking-for-Enigmail> > > And yes, Mika is right: that's why Enigmail recommends inline OpenPGP. > We've all seen PGP/MIME break in too many different contexts. For > instance, I've seen MTAs that strip off attachments, inspect the > attachments for malware, then re-attach them but with very slight > differences that break PGP/MIME. I've seen MUAs that can't understand > it, mailing list software that breaks it, and so on. > > PGP/MIME is a superior technical standard, but it's quite fragile. We > believe PGP/MIME is the clear choice *if possible*, but given how often > it's not possible we recommend inline OpenPGP by default. > > <end speaking-for-Enigmail> > > (This message is PGP/MIME signed. I know my system works correctly with > PGP/MIME and that neither my MUA nor MTA mangle it. If it's not coming > through, the most likely culprit is the list's GNU Mailman installation.) > > > _______________________________________________ > Gnupg-users mailing list > Gnupg-users@gnupg.org > http://lists.gnupg.org/mailman/listinfo/gnupg-users
signature.asc
Description: Message signed with OpenPGP using GPGMail
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
