On 09.11.17 19:22, Daniel Kahn Gillmor wrote: > Hi Patrick-- > > Thanks for documenting this. > > On Sun 2017-11-05 12:06:54 +0100, Patrick Brunschwig wrote: >> We *only* display signature information if *all* of the following >> conditions are satisfied: > > One thing not covered by this discussion is how enigmail will deal with > signatures that do not cover the entire message (for example, if mailman > wraps the message body in a multipart/mixed and appends a footer). > > Assuming that the signature over the subpart meets all of the other > requirements you've already enumerated, I recommend one of two choices > in that case: > > A) not showing the signature at all (so that users don't have to guess > at which part of the message was actually signed) > > B) indicating the valid signature, but treating the signed part as the > entire message body (that is, suppressing the unsigned part so that > it is not shown to the user). > > If option (B) is taken, then optionally a button could be added > "[display message as received]" that would convert the display to option > (A).
That's a very important point. Option B is not possible without hacking deeply into Thunderbird - I would not know how to go that way. I think the following variant of A is a good compromise: If the *first* displayed MIME part is signed, then the signature is shown with an indication that only the 1st message part is signed. If any other MIME part is signed, then no information about the signature is displayed. -Patrick
signature.asc
Description: OpenPGP digital signature
_______________________________________________ enigmail-users mailing list enigmail-users@enigmail.net To unsubscribe or make changes to your subscription click here: https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
