On Fri, Nov 27, 2009 at 10:06:31PM -0500, Todd Zullinger wrote: > If you call check-traditional-pgp on this message, is this text lost?
No, actually... > It is for me and I would call it a bug. I can see why you'd say that, but I don't agree (regardless of the fact it's not happening for me). See below. > Derek Martin wrote: > > I have pgp_auto_decode set, and additionally I unset it and manually > > executed check-traditional-pgp, and I saw the above text in all cases. > > So unless I misunderstood you, it seems my Mutt behaves differently > > from yours... > > Hmmm. I can reproduce it using mutt -n -F /dev/null. It also doesn't seem to > matter whether I use the gpgme backend or the classic backend. It is curious, I agree... but not curious enough for me to go looking into why. ;-) If it works that way now, it would seem your problem is solved! Otherwise... > > But besides that, check-traditional-pgp is not intended to work with > > MIME messages... > > I've seen this problem when there is no PGP-MIME involved. Or did > you mean any MIME? Yes, I mean with any MIME. PGP predates MIME by about a year, as far as I can tell. So-called "traditional" PGP was intended to be used entirely within the message body, because at the time it was created there was *only* a message body. :) So as soon as you start adding MIME parts, you've sort of broken that model... It should still work, more or less, by passing the message text (or the part of it that contains the PGP block) to PGP/GPG... but as far as mail programs go, you may get unexpected results. Don't forget that until very recently (in computer history terms) most mailers couldn't handle PGP at all, and some still can't without downloading add-ons (some of which don't do a particularly good job). In the early days of PGP, it was basically expected that you would have to do something "special" (e.g. manually pipe your message to pgp) to process e-mails sent that way, and virtually all mailers at the time would show you exactly what was there: the plain text message, including whatever PGP blocks were in the message. In 1991, most people were still reading e-mail with a program like BSD mail. :) So you would have seen the bits that were not inside the signed and/or encrypted message body, if there had been any. However, having traded both signed and encrypted e-mails with a variety of folks for years, I never saw such a message. I can't say no one ever did it -- but I can say I've traded thousands of such messages, and never seen it done. Historically, any mailer I'd seen that had any PGP support built in would basically do the same thing you would do manually: punt the message to PGP, and hand you the results in its viewer or an editor. There never was any text outside the PGP portions -- including text outside the PGP block would have broken replies for pretty much everyone -- so this problem was a non-issue. Besides, mixing encrpyted and unencrypted data in an e-mail is probably a bad idea... it presents more opportunities for accidental leakage of secret data. In Mutt, the way to make it punt the message to pgp was to exec check-traditional-pgp... I hacked up the pgp_auto_decode feature because I got sick of pressing esc-P on every message in (certain of) my mailboxes. Mutt, of course, does not predate MIME, and we also have proper handling of all of the standards involving PGP and MIME, and by now everyone should be using that... ideally. :-/ If you're going to use MIME (and you *should*), you should follow the standard for using PGP with MIME. If you're going to include in-line PGP inside MIME messages, you should probably expect that your mailer might get confused, cuz it's the Wrong Thing (TM) (some mailers don't handle in-line PGP at all, IIRC Evolution is an example, or was for a while at least). I should amend that by saying if you're going to include in-line PGP anywhere in a message, DON'T. ;-) It might be nice if Mutt could handle this better, but it's not a bug, and basically amounts to incorrect user expectation. If you take all that into consideration, I think it's the right call to leave it alone, and pressure your peers to stop doing things that are broken / obsolete. Or, if it's already "fixed" in the dev tree, that's great too... use that. But if it turns out that it's only "working" by accident, I'd personally rather folks spend time on things that will really improve Mutt, like improving new/unread mail handling. -- Derek D. Martin http://www.pizzashack.org/ GPG Key ID: 0xDFBEAD02 -=-=-=-=- This message is posted from an invalid address. Replying to it will result in undeliverable mail due to spam prevention. Sorry for the inconvenience.
pgpg0wdkenKxy.pgp
Description: PGP signature