[prev in list] [next in list] [prev in thread] [next in thread]
List: gnupg-users
Subject: Re: Who is doing S/MIME enveloping in KMail - gnupg2 or KMail?
From: Nicholas Sushkin <nsushkin () users ! sourceforge ! net>
Date: 2011-12-21 18:24:27
Message-ID: 2222495.JQnm4heRr8 () strela
[Download RAW message or body]
[Attachment #2 (multipart/alternative)]
Hi, Aaron,
KMail 2.1.1 KDE 4.6.5 gpgsm (GnuPG) 2.0.17 libgcrypt 1.4.6 libksba 1.2.0
I send a signed unencrypted email. iPad and Outlook-web recipients cannot see
the body of my email, only seeing the smime.p7m attachment. I am getting angry
responses implying to stop using SMIME. I am looking at the email source and
comparing to SMIME signed emails other people send from Outlook, Thunderbird,
and Apple Mail that can be read on iPad and Outlook-web. I am also looking at
the SMIME RFC http://tools.ietf.org/html/rfc3851#section-3.4
It seems that KMail is using saying Content-Type: multipart/signed and is
using "SignedData format" option of sending out a signed email. It seems that
that's against the RFC. The way I understand RFC is that if you do "SignedData
format", you need to specify MIME Type "aplication/pcks7-mime".
So, I am wondering whether KMail can create signed only messages using the
multipart/signed correctly, so that clients that do not support SMIME can
properly display them.
I found a related bug filed in KMail
https://bugs.kde.org/show_bug.cgi?id=280245 and commented on it, but I am not
sure if the problem may be with gpgsm instead.
Aaron Toponce <aaron.toponce@gmail.com> wrote:
> On Wed, Dec 21, 2011 at 10:48:35AM -0500, Nicholas Sushkin wrote:
> > Hi, I think there is a bug in the way KMail is doing S/Mime envelop for
> > signed but not encrypted messages. I'd like to follow through, but I am
> > not sure if it's gnupg or KMail, which is the proper forum. Does anyone
> > (Werner) know by any chance?
>
> Can you explain more? I'm assuming you're using GnuPG 2.0, seeing as though
> 1.4.* does not support S/MIME. Or are you confusing S/MIME with PGP/MIME?
> What errors are you seeing? What are you trying to do? Et cetera.
>
> Thanks,
--
Nick
[Attachment #5 (unknown)]
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0//EN" \
"http://www.w3.org/TR/REC-html40/strict.dtd"> <html><head><meta name="qrichtext" \
content="1" /><style type="text/css"> p, li { white-space: pre-wrap; }
</style></head><body style=" font-family:'Droid Sans Mono'; font-size:9pt; \
font-weight:400; font-style:normal;"> <p style=" margin-top:0px; margin-bottom:0px; \
margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; \
-qt-user-state:0;">Hi, Aaron,</p> <p style="-qt-paragraph-type:empty; margin-top:0px; \
margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; \
text-indent:0px; -qt-user-state:0;"><br /></p> <p style=" margin-top:0px; \
margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; \
text-indent:0px; -qt-user-state:0;">KMail 2.1.1 KDE 4.6.5 gpgsm (GnuPG) 2.0.17 \
libgcrypt 1.4.6 libksba 1.2.0</p> <p style="-qt-paragraph-type:empty; margin-top:0px; \
margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; \
text-indent:0px; -qt-user-state:0;"><br /></p> <p style=" margin-top:0px; \
margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; \
text-indent:0px; -qt-user-state:0;">I send a signed unencrypted email. iPad and \
Outlook-web recipients cannot see the body of my email, only seeing the smime.p7m \
attachment. I am getting angry responses implying to stop using SMIME. I am looking \
at the email source and comparing to SMIME signed emails other people send from \
Outlook, Thunderbird, and Apple Mail that can be read on iPad and Outlook-web. I am \
also looking at the SMIME RFC http://tools.ietf.org/html/rfc3851#section-3.4</p> <p \
style="-qt-paragraph-type:empty; margin-top:0px; margin-bottom:0px; margin-left:0px; \
margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;"><br /></p> \
<p style=" margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; \
-qt-block-indent:0; text-indent:0px; -qt-user-state:0;">It seems that KMail is using \
saying Content-Type: multipart/signed and is using "SignedData format" \
option of sending out a signed email. It seems that that's against the RFC. The way I \
understand RFC is that if you do "SignedData format", you need to specify \
MIME Type "aplication/pcks7-mime".</p> <p style="-qt-paragraph-type:empty; \
margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; \
-qt-block-indent:0; text-indent:0px; -qt-user-state:0;"><br /></p> <p style=" \
margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; \
-qt-block-indent:0; text-indent:0px; -qt-user-state:0;">So, I am wondering whether \
KMail can create signed only messages using the multipart/signed correctly, so that \
clients that do not support SMIME can properly display them.</p> <p \
style="-qt-paragraph-type:empty; margin-top:0px; margin-bottom:0px; margin-left:0px; \
margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;"><br /></p> \
<p style=" margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; \
-qt-block-indent:0; text-indent:0px; -qt-user-state:0;">I found a related bug filed \
in KMail https://bugs.kde.org/show_bug.cgi?id=280245 and commented on it, but I am \
not sure if the problem may be with gpgsm instead.</p> <p \
style="-qt-paragraph-type:empty; margin-top:0px; margin-bottom:0px; margin-left:0px; \
margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;"><br /></p> \
<p style=" margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; \
-qt-block-indent:0; text-indent:0px; -qt-user-state:0;">Aaron Toponce \
<aaron.toponce@gmail.com> wrote:</p> <p style=" margin-top:0px; \
margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; \
text-indent:0px; -qt-user-state:0;">> On Wed, Dec 21, 2011 at 10:48:35AM -0500, \
Nicholas Sushkin wrote:</p> <p style=" margin-top:0px; margin-bottom:0px; \
margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; \
-qt-user-state:0;">> > Hi, I think there is a bug in the way KMail is doing \
S/Mime envelop for</p> <p style=" margin-top:0px; margin-bottom:0px; margin-left:0px; \
margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;">> > \
signed but not encrypted messages. I'd like to follow through, but I am</p> <p \
style=" margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; \
-qt-block-indent:0; text-indent:0px; -qt-user-state:0;">> > not sure if it's \
gnupg or KMail, which is the proper forum. Does anyone</p> <p style=" margin-top:0px; \
margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; \
text-indent:0px; -qt-user-state:0;">> > (Werner) know by any chance?</p> <p \
style=" margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; \
-qt-block-indent:0; text-indent:0px; -qt-user-state:0;">> </p> <p style=" \
margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; \
-qt-block-indent:0; text-indent:0px; -qt-user-state:0;">> Can you explain more? \
I'm assuming you're using GnuPG 2.0, seeing as though</p> <p style=" margin-top:0px; \
margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; \
text-indent:0px; -qt-user-state:0;">> 1.4.* does not support S/MIME. Or are you \
confusing S/MIME with PGP/MIME?</p> <p style=" margin-top:0px; margin-bottom:0px; \
margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; \
-qt-user-state:0;">> What errors are you seeing? What are you trying to do? Et \
cetera.</p> <p style=" margin-top:0px; margin-bottom:0px; margin-left:0px; \
margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;">> </p> \
<p style=" margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; \
-qt-block-indent:0; text-indent:0px; -qt-user-state:0;">> Thanks,</p> <p style=" \
margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; \
-qt-block-indent:0; text-indent:0px; -qt-user-state:0;">-- </p> <p style=" \
margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; \
-qt-block-indent:0; text-indent:0px; -qt-user-state:0;">Nick</p></body></html>
_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic