On 06/29/2012 08:06 AM, Brad Rogers wrote: >> If you ask on Enigmail mailing list, they will tell you that that >> issue is with Mailman (or other mailing list software) which messes up >> with headers and makes PGP/MIME unverifiable. They will also say that > > Headers are outside what is signed, surely?
Mika is more or less right, except it isn't headers -- it's the PGP/MIME attachment separator. Mailman makes a very slight tweak and that's enough to bollix up the signature. This mailing list does not play nice with PGP/MIME, the last time I checked. (For a long time Enigmail's list didn't, either, but that problem has since been fixed.) In general, PGP/MIME with GNU Mailman is always a roll of the dice. <begin speaking-for-Enigmail> And yes, Mika is right: that's why Enigmail recommends inline OpenPGP. We've all seen PGP/MIME break in too many different contexts. For instance, I've seen MTAs that strip off attachments, inspect the attachments for malware, then re-attach them but with very slight differences that break PGP/MIME. I've seen MUAs that can't understand it, mailing list software that breaks it, and so on. PGP/MIME is a superior technical standard, but it's quite fragile. We believe PGP/MIME is the clear choice *if possible*, but given how often it's not possible we recommend inline OpenPGP by default. <end speaking-for-Enigmail> (This message is PGP/MIME signed. I know my system works correctly with PGP/MIME and that neither my MUA nor MTA mangle it. If it's not coming through, the most likely culprit is the list's GNU Mailman installation.)
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
