On Mon, Nov 27, 2000 at 11:40:35PM -0800, David Ellement wrote:
[ Background: I was having trouble verifying PGP signatures within mutt. I
thought it might have been a mutt issue, and asked on the mutt list. Now
I think it is a courier issue, hence the Cc: to Sam Varshavchik ]
> Perhaps you would trigger a little more response if you could identify which
> copy of the message are you unable to verify:
>
> - a copy of the message received by the recipient?
> - a copy of the message you received as a cc:/bcc: copy?
> - a copy saved by mutt as the fcc copy?
Ok. I've done some more digging. After I send a signed message, I can
verify the fcc copy. However, I can't verify the cc: copy, and also,
the recipient can't verify the copy he receives. I've traced it down to
the following:
In my Fcc copy of the message, the message content with headers is as follows:
--Kj7319i9nmIyA2yE
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
test
--=20
Anand
--Kj7319i9nmIyA2yE
In My cc: copy of the message, and in the recipient's copy, this is how
the message content looks:
--=_18425-975598711-1-2
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: quoted-printable
Content-Disposition: inline
test
--=20
Anand
--=_18425-975598711-1-2
The boundary is different because the MTA has re-written
it. Also notice that the order of the Content-Disposition and the
Content-Transfer-Encoding headers is different. If I now manually edit
the Cc: copy (and the recipient also modifies his copy) to make the
order of the headers the same as the original message, THEN the message
signature verifies correctly.
Now I'm not an expert on MIME and PGP, so I don't know who's at fault
here. The author of the MTA I use (courier) says that MTAs are free to
rewrite headers as necessary, while obviously it's causing a problem
for me. I also realise that it's not really a mutt issue at all, so I
will not pursue this issue on the mutt list anymore.
Sam, any comments?
--
Anand
