#2901: wrong parameter micalg with mutt 1.5.15 and gpgme
I compiled a clean mutt 1.5.15 with gcc 3.4.5 as follows:
{{{
./configure --prefix=/usr \
--build=i386-pc-linux-gnu \
--sysconfdir=/etc \
--localstatedir=/var/lib \
--libdir=/usr/lib \
--libexecdir=/usr/local/mutt \
--enable-imap \
--enable-gpgme \
--disable-pgp \
--disable-smime \
--with-ssl \
--with-mailpath=/var/spool/mail
}}}
I configured crypto as follows:
{{{
set crypt_autoencrypt = no
set crypt_autopgp = yes
set crypt_autosign = yes # default: no
set crypt_autosmime = no # default: yes
set crypt_replyencrypt = yes
set crypt_replysign = yes # default: no
set crypt_replysignencrypted = yes # default: no
set crypt_timestamp = yes
set crypt_use_gpgme = yes # default: no
set crypt_verify_sig = yes
}}}
I don't use S/MIME but GnuPG (parallel 1.4.7, 2.0.4) with GPGME 1.1.4.
Now if I send messages signed (not encrypted) a part of the header looks
like:
{{{
Subject: Mail mit mutt und so
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=SHA1;
protocol="application/pgp-signature"; boundary="/9DWx/yDrRhgMJTb"
Content-Disposition: inline
User-Agent: Mutt/1.5.15 (2007-04-06)
}}}
The Problem ist the parameter "micalg=SHA1". Mozilla Thunderbird/Enigmail
(2.0.0.0 WinXP, Enigmail 0.95.0) doesn't recognizes this. I asked in
newsgroup public.mozdev.enigmail and got this answer:
The problem is with mutt. The content-type that mutt sends is:
Content-Type: multipart/signed; micalg=SHA1; [etc]
However, according to RFC 3156 (and RFC 2015), "the 'micalg' parameter
for the 'application/pgp-signature' protocol MUST contain exactly one
hash-symbol of the format 'pgp-<hash-identifier>', where
<hash-identifier> identifies the Message Integrity Check (MIC) algorithm
used to generate the signature.". I.e. the content-type should be:
Content-Type: multipart/signed; micalg=pgp-sha1; [etc]
Conclusion: mutt sets the wrong parameter for micalg, is "SHA1", should be
"pgp-sha1".
--
Ticket URL: <http://dev.mutt.org/trac/ticket/2901>
