[prev in list] [next in list] [prev in thread] [next in thread]
List: exmh-users
Subject: Re: On PGP bug, again :-(
From: Ben Escoto <benscott () mcs ! net>
Date: 1997-08-29 4:25:21
[Download RAW message or body]
>>>>> "Michele" == Michele Bini <mbini@dada.it>
>>>>> wrote the following on Thu, 28 Aug 1997 16:01:18 +0200
Michele> Again, this is PGP that automatically turns off text mode
Michele> when it processes what it believes to be binary data (I'm
Michele> going to think that PGP tries to be too smart).
This makes sense. Perhaps the solution is not to use text
mode when signing. I think the Mew author took this approach,
probably with good reason.
There are some other recommended steps that exmh does not
take. For instance, if a line ends in spaces, it is recommended that
the message be quotable/printable encoded for added safety.
Michele> Anyway, I don't really understand why PGP text mode causes
Michele> problems: if PGP believes that the message is binary then
Michele> it will both check and verify in binary mode, and the
Michele> signature should be fine.
I'm not sure if verification is done in text mode or not, but
it wouldn't matter - by unix convention, lines end in LF only, while
the PGP/MIME standard requires them to end in CRLF.
If a message is signed in text mode, the signature is computed
as if all the lines ended in CRLF. When exmh checks a signature, it
inserts a CR in each line before checking. If you signed in binary,
the CR's would be specifically absent, and would not match the
reconstructed signed text.
--
Ben Escoto
PGP/MIME mail welcome - finger bescoto@leland.stanford.edu for key
[Attachment #3 (application/pgp-signature)]
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic