Re: PGP/MIME considered harmful for mobile
On 1/03/11 9:33 AM, David Shaw wrote:
> That experiment, while interesting, is not relevant to the real Martin / fake Martin situation we've been talking about. If both Real Martin and Fake Martin have the same secret key, then there is no way to tell them apart using signatures.

Hang on, maybe I got lost in this thread, but I thought they had different keys, but fake Martin had managed to generate one with the same key ID (possibly the same fingerprint) as real Martin ... right?

Regards,
Ben

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: PGP/MIME considered harmful for mobile
On 2/03/11 8:20 AM, Ingo Klöcker wrote:
> Of course, my experience is from a time when UTF-8 wasn't used in email. But do the standard mail clients (Outlook, GMail, Thunderbird) really default to UTF-8 nowadays? Expecting people to properly configure their mail clients is an unrealistic dream.

No, but some have been saying they will at some nebulous point in the future. So far I still have to change Thunderbird, Firefox and Emacs to use UTF-8 by default. It comes from too many years of people failing to get even my simple surname correct (no, there really *isn't* supposed to be a u in it). I figure people with umlauts, accents and other characters feel the same way. ;)

Regards,
Ben
Re: PGP/MIME considered harmful for mobile
On Mar 2, 2011, at 10:04 PM, Ben McGinnes wrote:
> On 1/03/11 9:33 AM, David Shaw wrote:
>> That experiment, while interesting, is not relevant to the real Martin / fake Martin situation we've been talking about. If both Real Martin and Fake Martin have the same secret key, then there is no way to tell them apart using signatures.
>
> Hang on, maybe I got lost in this thread, but I thought they had different keys, but fake Martin had managed to generate one with the same key ID (possibly the same fingerprint) as real Martin ... right?

The premise (more or less) was that a guy named Martin (RM) was on a mailing list and signed all his mail. After some time, a new guy (FM) shows up and claims that he is, in fact, Martin. FM may have his own key or may not have a key at all. It doesn't matter, because the members of the mailing list can see, by means of RM's signatures, a continuity of communication. They can tell RM apart from FM, simply because only RM can issue the signatures they've been seeing on his messages.

Now, there are limits to this technique. They can't tell who is really Martin (i.e. they can't bind the name to a real-world person) without some other information, but in the context of Internet communication that frequently doesn't matter. They can tell which one is the guy they've been talking with for all this time. Which one is *their* Martin, if you like.

Despite all the noise in the thread, it's nothing terribly odd. It's just the way nym keys work.

David
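The continuity-of-signatures check David describes, worked through as an added example (this is not code from the thread, from GnuPG or from any MUA). It assumes the mail client has already verified each signature and reports the signer's full fingerprint, or None when a message is unsigned or its signature is bad; the fingerprints and the message sequence are constructed, and the two fingerprints are deliberately built to share their short key ID so that Ben's "same key ID" case is covered too.

```python
"""Signature continuity ("nym key") check for a mailing list: list members
know "their" Martin as whoever keeps producing signatures under the key that
signed all of Martin's earlier posts.  Added example, not code from the
thread or from GnuPG.  Assumes the MUA has already verified each signature
and reports the signer's full fingerprint (None when a message is unsigned
or its signature is bad); fingerprints and the message sequence are
constructed."""

from dataclasses import dataclass
from typing import Dict, List, Optional

# Constructed 40-hex-digit fingerprints, not real keys.  They are made to
# share their low 32 bits, so their short key IDs collide while the
# fingerprints do not.
RM_FPR = "1111222233334444555566667777888899990000"
FM_FPR = "AAAABBBBCCCCDDDDEEEEFFFF0000111199990000"


def short_key_id(fingerprint: str) -> str:
    """The 8-hex-digit key ID is just the tail of the fingerprint."""
    return fingerprint[-8:]


@dataclass(frozen=True)
class ListMessage:
    claimed_name: str           # display name the From: line asserts
    signer_fpr: Optional[str]   # fingerprint of the verifying key, or None


class ContinuityTracker:
    """Trust-on-first-use: remember which fingerprint first signed under a
    display name and classify every later message against it.  Comparison
    is on the full fingerprint, never on the short key ID."""

    def __init__(self) -> None:
        self._first_key: Dict[str, str] = {}

    def classify(self, msg: ListMessage) -> str:
        known = self._first_key.get(msg.claimed_name)
        if msg.signer_fpr is None:
            # Nothing to compare: an unsigned message from a name that has
            # always signed is the "FM may not have a key at all" case.
            return "unsigned" if known is None else "unsigned-after-signed"
        if known is None:
            self._first_key[msg.claimed_name] = msg.signer_fpr
            return "new-identity"
        if msg.signer_fpr == known:
            return "continuous"
        return "key-mismatch"


def run_scenario(messages: List[ListMessage]) -> List[str]:
    tracker = ContinuityTracker()
    return [tracker.classify(m) for m in messages]


# Constructed sequence: RM posts for months, then FM shows up.
SCENARIO = [
    ListMessage("Martin", RM_FPR),   # RM's first signed post
    ListMessage("Martin", RM_FPR),   # continuity
    ListMessage("Martin", None),     # FM, no key at all
    ListMessage("Martin", FM_FPR),   # FM with a key of his own
    ListMessage("Martin", RM_FPR),   # RM answers under the known key
]

if __name__ == "__main__":
    for msg, verdict in zip(SCENARIO, run_scenario(SCENARIO)):
        print(msg.signer_fpr, verdict)
```

The check carries exactly the limits the thread states: it binds a name to a key, not to a person, and if a second poster holds the same secret key his messages classify as "continuous" and nothing here can separate them.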
Re: PGP/MIME considered harmful for mobile
On 28-2-2011 23:23, Robert J. Hansen wrote:
> He then learned that his users thought the banner across the top was just another one of those annoying Flash ads, and they tuned it out.

Their senses were dulled by overadvertising. He had better also have distributed Adblock Plus to try to counter the sensory overload.

--
Kind regards,

Johan Wevers
Re: PGP/MIME considered harmful for mobile
On Sunday 27 February 2011, Doug Barton wrote:
> On 02/27/2011 02:04, Ingo Klöcker wrote:
>> On Saturday, February 26, 2011, MFPA wrote:
>>> Hi
>>>
>>> On Friday 25 February 2011 at 1:45:03 AM, in mid:87lj14x4yo@servo.finestructure.net, Jameson Rollins wrote:
>>>> Yikes! I thought we were almost done killing inline signatures! Don't revive it now! If PGP/MIME is broken on android, we need to get them to fix it, not go backwards to inline pgp.
>>>
>>> Using inline PGP signatures means using the simpler and more reliable of the two solutions. The fact that its specification was defined earlier does not mean using inline signatures is a step backwards; PGP/MIME is a complement to pgp inline, not a replacement.
>>
>> The major problem I see with using cleartext signatures in email is the lack of support for non-ASCII text (or, more precisely, character encoding).
>
> Can you provide examples that do not work when both the mail client(s) and gnupg are properly configured to use UTF-8?

No, sorry. I haven't been using inline PGP signatures for ages and neither do most of the people I exchange emails with. Therefore I cannot provide real world examples.

Back when I was still using inline PGP signatures I regularly got replies with a full quote of my inline-signed message where the signature on the quoted message was broken. You might say that it's not relevant because it's just a quote. But I say it is very relevant if such a reply is forwarded to a third party. And also if it isn't forwarded a bad signature is still highly irritating (at least to me).

Of course, my experience is from a time when UTF-8 wasn't used in email. But do the standard mail clients (Outlook, GMail, Thunderbird) really default to UTF-8 nowadays? Expecting people to properly configure their mail clients is an unrealistic dream.

Regards,
Ingo
Re: PGP/MIME considered harmful for mobile
On 02/27/2011 08:27 PM, Robert J. Hansen wrote:
> FM: [message]
> RM: Hey, that's not me! I'm me. See? I've signed this with the same cert I've used for everything else on this list.
> FM: No, I'm the real Martin. I didn't sign up for this mailing list until last week. You signed up here a long time ago and posted messages pretending to be me, so that when I came on the list you could falsely claim to be me!
> RM: But I'm the real Martin! I've been posting here for months!
> FM: Prove it. You can't! Therefore, I'm the real Martin.
> RM: But you can't prove it either!

If RM has a substantial amount of signatures on his public key, and FM doesn't, nor does he sign his mail, I'll be more likely to believe that RM is the real deal. Isn't that the whole point of the Web of Trust, or am I missing something here?

--
. o . o . o . . o o . . . o . . . o . o o o . o . o o . . o o o o . o . . o o o o . o o o
Re: PGP/MIME considered harmful for mobile
On Feb 28, 2011, at 8:18 AM, Aaron Toponce wrote:
> On 02/27/2011 08:27 PM, Robert J. Hansen wrote:
>> FM: [message]
>> RM: Hey, that's not me! I'm me. See? I've signed this with the same cert I've used for everything else on this list.
>> FM: No, I'm the real Martin. I didn't sign up for this mailing list until last week. You signed up here a long time ago and posted messages pretending to be me, so that when I came on the list you could falsely claim to be me!
>> RM: But I'm the real Martin! I've been posting here for months!
>> FM: Prove it. You can't! Therefore, I'm the real Martin.
>> RM: But you can't prove it either!
>
> If RM has a substantial amount of signatures on his public key, and FM doesn't, nor does he sign his mail, I'll be more likely to believe that RM is the real deal. Isn't that the whole point of the Web of Trust, or am I missing something here?

Unfortunately, barring the case where you have an actual trust path to either Martin, key signatures don't tell you much. After all, FM could easily make up dozens of fake people keys and use them to sign his key.

In this particular case, though, key signatures aren't even necessary - RM just needs to prove that he is the same entity that signed the other messages to the list. That is, he's real in the sense that he is the Martin that the list knows and has been conversing with.

  What's in a name? That which we call a rose
  By any other name would smell as sweet.

David
Re: PGP/MIME considered harmful for mobile
On Mon, Feb 28, 2011 at 09:12:33AM -0500, David Shaw wrote:
> Unfortunately, barring the case where you have an actual trust path to either Martin, key signatures don't tell you much. After all, FM could easily make up dozens of fake people keys and use them to sign his key.

Yes. Understood. I should have mentioned that. However, as you mentioned in a previous subthread, it isn't difficult to parse the dates of the signatures, identify where they've been held, and grab other metadata. If a key has falsified signatures, it should be easy enough to find out. At least the recursion of grabbing keys from keyservers will be rather short for false sigs.

At any event, I digress.

--
. o . o . o . . o o . . . o . . . o . o o o . o . o o . . o o o o . o . . o o o o . o o o
Re: PGP/MIME considered harmful for mobile
On 2/28/11 10:13 AM, Aaron Toponce wrote:
> If a key has falsified signatures, it should be easy enough to find out.

Why? I have never understood the tendency of people, particularly on this list, to assume that people who are technologically skilled and up to no good will not devote more than thirty seconds to coming up with effective methods of skulduggery.
Re: PGP/MIME considered harmful for mobile
On 2/28/11 9:12 AM, David Shaw wrote:
> In this particular case, though, key signatures aren't even necessary - RM just needs to prove that he is the same entity that signed the other messages to the list. That is, he's real in the sense that he is the Martin that the list knows and has been conversing with.

That depends a lot on what those prior conversations are. If I've built up trust in RM because I think he's been up-front and candid, and FM comes along and presents a credible threat to RM's identity, then yes, I have to revisit my trust decision in RM: I can no longer be confident he's been up-front and candid.
Re: PGP/MIME considered harmful for mobile
On Feb 28, 2011, at 12:01 PM, Robert J. Hansen wrote:
> On 2/28/11 9:12 AM, David Shaw wrote:
>> In this particular case, though, key signatures aren't even necessary - RM just needs to prove that he is the same entity that signed the other messages to the list. That is, he's real in the sense that he is the Martin that the list knows and has been conversing with.
>
> That depends a lot on what those prior conversations are. If I've built up trust in RM because I think he's been up-front and candid, and FM comes along and presents a credible threat to RM's identity, then yes, I have to revisit my trust decision in RM: I can no longer be confident he's been up-front and candid.

Well, I suppose that's up to you whether you want to trust RM or not. A question on trustworthiness is outside crypto, and not what the discussion was about here in any event.

David
Re: PGP/MIME considered harmful for mobile
On Mon, Feb 28, 2011 at 11:58:02AM -0500, Robert J. Hansen wrote:
> On 2/28/11 10:13 AM, Aaron Toponce wrote:
>> If a key has falsified signatures, it should be easy enough to find out.
>
> Why? I have never understood the tendency of people, particularly on this list, to assume that people who are technologically skilled and up to no good will not devote more than thirty seconds to coming up with effective methods of skulduggery.

Because all the signatures on the key will be falsified, that can be verified by recursively extracting the signature keys from the keyservers, and examining their signatures. "Oh hey, look. The keys are isolated from the rest of the world. Hmm."

--
. o . o . o . . o o . . . o . . . o . o o o . o . o o . . o o o o . o . . o o o o . o o o
Re: PGP/MIME considered harmful for mobile
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Hi

On Monday 28 February 2011 at 3:02:08 AM, in mid:010b72f5-dcb7-4877-a955-92ca0998b...@jabberwocky.com, David Shaw wrote:
> It is reasonable that if someone was being masqueraded, that person would speak up and challenge the forger (e.g. "Hey, you're not Martin! I'm the real Martin, and I can prove it by signing this message with the same key I've used all along").

In John, John and Rob's experiment (if I understand correctly) they didn't post as each other, they simply all signed messages with the same secret key. I'm sure Martin would have something to say *if* he spotted his key's signature on messages he didn't write...

- --
Best regards

MFPA                    mailto:expires2...@ymail.com

Roses smell better than onions but don't make such good soup
-----BEGIN PGP SIGNATURE-----

iQE7BAEBCgClBQJNbBqznhSAAEAAVXNpZ25pbmdfa2V5X0lEIHNpZ25pbmdf
a2V5X0ZpbmdlcnByaW50IEAgIE1hc3Rlcl9rZXlfRmluZ2VycHJpbnQgQThBOTBC
OEVBRDBDNkU2OSBCQTIzOUI0NjgxRjFFRjk1MThFNkJENDY0NDdFQ0EwMyBAIEJB
MjM5QjQ2ODFGMUVGOTUxOEU2QkQ0NjQ0N0VDQTAzAAoJEKipC46tDG5pSWAD/32O
hF3Ikmifx9fVM3AuXKJghTFT7fNguLnwBpOVtr/B9+766eiouDeaI2RoAehXlA7o
mMSmEJkXZHmNparysRNmWwwJJxXnoc/Va5n1X6pzeSN4V1fDuBKwfPsOJUWqER2g
NcjqB8+GwH5AQseBka3SLoCQbSLzj+QdL4Gz4Bx5
=1qnL
-----END PGP SIGNATURE-----
Re: PGP/MIME considered harmful for mobile
On 2/28/11 4:59 PM, MFPA wrote:
> I'm sure Martin would have something to say *if* he spotted his key's signature on messages he didn't write...

Yes: but I suspect that may be a big if. If you see a message is signed by an unknown key 0xDEADBEEF, do you really notice the 0xDEADBEEF and go, "hey, that's my own key ID!", or do your eyes just gloss over it?

A few years ago, a fellow Ph.D. candidate named Peter was doing some research into new anti-phishing technologies. His research was good: his HCI results were positively stunning. He packaged his anti-phishing toolkit into a Firefox extension. When visiting a page, if the toolkit decided it was probably a phishing page it would display a red bar across the top of the page: "This might be a phishing site."

He set up an HCI experiment to see how easily people would notice. Of his 25 test subjects (all of whom were regular users -- non-geeks who weren't especially tech-savvy), not one chose to avoid the site when the warning bar came up. In post-experience interviews, *all 25* said they didn't see the bar at all.

So, Peter figured he'd make the bar bigger. Same results -- except this time it was like 21, 22, or so, didn't see it.

So, Peter figured he'd get really obnoxious. The bar started off at a discreet size, but steadily grew and grew until it took over a full third of the browser window. You had to click on a "I know this may be a phishing site, go away!" button to close it. 20+ users, if I recall correctly, still didn't report seeing the warning bar at all.

Finally, in a fit of deepest, darkest frustration, Peter followed up with people and asked, "WHY? WHY didn't you see this? I couldn't make it more obvious, could I? Did I need to rent out a parade and send up a parachute flare while the Marine Corps Marching Band plays a selection of Sousa marches?"

He then learned that his users thought the banner across the top was just another one of those annoying Flash ads, and they tuned it out.

When Peter told me about this, I didn't believe it. It's a pretty incredible story. But given he'd videotaped the users' interactions with the system...

Anyway. The lesson I draw from this is when experts say "of course users will notice!", well... it's very likely the users *won't* notice.

(ObWarning: I am going on memories that are now a few years old. Doing a little hunting, I see that he published a paper on his experiences. Likarish, Peter, et al. "B-APT: Bayesian Anti-Phishing Toolbar", published in _Proceedings of the International Conference on Communications_. He had another paper on a similar thing, "BayeShield: Conversational Anti-Phishing User Interface", in the _Proceedings of the Symposium on Usable Privacy and Security_. If you're concerned about this stuff, read Peter's original papers: don't trust my own memory!)
Re: PGP/MIME considered harmful for mobile
On Feb 28, 2011, at 4:59 PM, MFPA wrote:
>> It is reasonable that if someone was being masqueraded, that person would speak up and challenge the forger (e.g. "Hey, you're not Martin! I'm the real Martin, and I can prove it by signing this message with the same key I've used all along").
>
> In John, John and Rob's experiment (if I understand correctly) they didn't post as each other, they simply all signed messages with the same secret key. I'm sure Martin would have something to say *if* he spotted his key's signature on messages he didn't write...

That experiment, while interesting, is not relevant to the real Martin / fake Martin situation we've been talking about. If both Real Martin and Fake Martin have the same secret key, then there is no way to tell them apart using signatures.

David
Re: PGP/MIME considered harmful for mobile
On Feb 28, 2011, at 5:47 PM, Robert J. Hansen wrote:
> On 2/28/11 12:10 PM, David Shaw wrote:
>> Well, I suppose that's up to you whether you want to trust RM or not. A question on trustworthiness is outside crypto, and not what the discussion was about here in any event.
>
> First it was, "even signatures from non-validated keys belonging to non-trusted persons can be significant, because it establishes continuity of communications." Now it's, "a question on trustworthiness is outside crypto."

You know what? I'm finished with this silliness. You're (again) playing debate club games, and I'm just bored of it.

See ya.
Re: PGP/MIME considered harmful for mobile
On 2/28/11 12:10 PM, David Shaw wrote:
> Well, I suppose that's up to you whether you want to trust RM or not. A question on trustworthiness is outside crypto, and not what the discussion was about here in any event.

First it was, "even signatures from non-validated keys belonging to non-trusted persons can be significant, because it establishes continuity of communications." Now it's, "a question on trustworthiness is outside crypto."

Which is it? Are signatures from non-validated keys belonging to non-trusted persons significant, or is trust outside the world of crypto?

Ultimately, it's perfectly reasonable to say "I trust that RM is not screwing with me, and I trust that the key with fingerprint [...] really belongs to him," and from there bootstrap into getting significant signatures. But that doesn't invalidate the point of signatures needing to (a) be correct, (b) come from validated keys which (c) belong to trusted persons. You're just saying, "I will trust whom I will trust, and I am assuming the validity of this key."
Re: PGP/MIME considered harmful for mobile
* Doug Barton do...@dougbarton.us [110227 05:30]:
> If you look at the characteristics of the actual messages encrypted mail is very similar whether it's in-line or MIME. It's signed messages that make things interesting because the signature in a MIME message is actually (sort of) an attachment but also sort of not, which is why it confuses simple mail readers like Outlook Express.

Encrypted messages differ from signed messages. The percentage of inline-signed messages I receive with bad signatures is much higher than the number of PGP/MIME messages with broken signatures. Despite that, there are MUAs which do not automatically parse every message completely to see if there's inline PGP content in them, but if they see that a message uses PGP/MIME they immediately try to decrypt/verify the message.

Martin
Re: PGP/MIME considered harmful for mobile
On Saturday, February 26, 2011, MFPA wrote:
> Hi
>
> On Friday 25 February 2011 at 1:45:03 AM, in mid:87lj14x4yo@servo.finestructure.net, Jameson Rollins wrote:
>> Yikes! I thought we were almost done killing inline signatures! Don't revive it now! If PGP/MIME is broken on android, we need to get them to fix it, not go backwards to inline pgp.
>
> Using inline PGP signatures means using the simpler and more reliable of the two solutions. The fact that its specification was defined earlier does not mean using inline signatures is a step backwards; PGP/MIME is a complement to pgp inline, not a replacement.

The major problem I see with using cleartext signatures in email is the lack of support for non-ASCII text (or, more precisely, character encoding). Obviously, using ASCII armor to protect the text from being re-encoded to another encoding is no solution, since this will make inline PGP signed messages much less accessible than PGP/MIME messages.

Regards,
Ingo
Re: PGP/MIME considered harmful for mobile
On 2/26/11 9:24 PM, Jameson Rollins wrote:
> http://josefsson.org/inline-openpgp-considered-harmful.html

* IT DOESN'T HANDLE ATTACHMENTS.

That's fine with me: 95%+ of my messages don't require attachments. Any technology that can hit 95% of the use case is fine by me.

* IT DOESN'T LIKE CHARACTER ENCODINGS.

Works fine for me with Latin-1 and UTF-8.

* FORMAT=FLOWED DOESN'T WORK RELIABLY.

I don't use format=flowed in the first place.

... and so on and so on. When I look at the objections to inline PGP, the more I realize inline PGP hits the sweet spot for me and for a great many other users.
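The two failure modes that Ingo's post and the objection list above both turn on, character re-encoding and reflowed text, come down to what bytes an inline (cleartext) signature actually covers. The following is an added example, not code from the thread, from GnuPG or from any MUA: it implements the RFC 4880 section 7 cleartext canonicalization (dash-escaping, trailing-whitespace stripping, CRLF) and runs the same signed text through a Latin-1 transcoding, a line reflow and added trailing whitespace. A bare SHA-256 digest in the signature armor stands in for the OpenPGP signature packet so that it runs offline; the message text is constructed.

```python
"""Canonical hashing for OpenPGP cleartext (inline) signatures, RFC 4880
section 7.  Added example, not code from GnuPG or any MUA.  The "signature"
inside the armor is a bare SHA-256 digest standing in for the real OpenPGP
signature packet, so the example runs offline; the canonicalization rules
and what breaks them are what it demonstrates."""

import hashlib
import hmac

BEGIN_SIGNED = b"-----BEGIN PGP SIGNED MESSAGE-----"
BEGIN_SIG = b"-----BEGIN PGP SIGNATURE-----"
END_SIG = b"-----END PGP SIGNATURE-----"


def dash_escape(text: bytes) -> bytes:
    """Lines that start with '-' get a '- ' prefix (RFC 4880 section 7.1) so
    the armor framing lines cannot be confused with message text."""
    return b"\n".join(b"- " + ln if ln.startswith(b"-") else ln
                      for ln in text.split(b"\n"))


def dash_unescape(text: bytes) -> bytes:
    return b"\n".join(ln[2:] if ln.startswith(b"- ") else ln
                      for ln in text.split(b"\n"))


def canonicalize(text: bytes) -> bytes:
    """What gets hashed: every line with trailing spaces and tabs removed,
    joined with CRLF, and no line ending after the final line (the CRLF
    before the signature armor belongs to the armor, not to the text)."""
    lines = text.replace(b"\r\n", b"\n").split(b"\n")
    return b"\r\n".join(ln.rstrip(b" \t") for ln in lines)


def stand_in_signature(text: bytes) -> bytes:
    # Stand-in for the OpenPGP signature over the canonical text.
    return hashlib.sha256(canonicalize(text)).hexdigest().encode("ascii")


def sign_cleartext(message: str, encoding: str = "utf-8") -> bytes:
    """The cleartext-signed message as the bytes a MUA would send, in the
    given character encoding."""
    text = message.encode(encoding)
    return b"\n".join([BEGIN_SIGNED, b"Hash: SHA256", b"", dash_escape(text),
                       BEGIN_SIG, stand_in_signature(text), END_SIG, b""])


def verify_cleartext(wire: bytes):
    """Return (ok, text).  Works on the bytes as received, which is all a
    verifier ever has: if a gateway re-encodes or reflows the text, the
    bytes under the hash change even though a human reads the same words."""
    data = wire.replace(b"\r\n", b"\n")
    _, marker, rest = data.partition(BEGIN_SIGNED + b"\n")
    if not marker:
        return False, b""
    _, _, rest = rest.partition(b"\n\n")            # skip the "Hash:" armor headers
    body, sep, sig_block = rest.partition(b"\n" + BEGIN_SIG + b"\n")
    if not sep:
        return False, b""
    presented = sig_block.split(b"\n", 1)[0]
    text = dash_unescape(body)
    return hmac.compare_digest(presented, stand_in_signature(text)), text


if __name__ == "__main__":
    wire = sign_cleartext("Grüße aus Wien,\nMartin")          # constructed text
    print("as sent:          ", verify_cleartext(wire)[0])
    print("transcoded Latin-1", verify_cleartext(wire.decode("utf-8").encode("latin-1"))[0])
    print("lines reflowed:   ", verify_cleartext(wire.replace(b"Wien,\nMartin", b"Wien, Martin"))[0])
    print("trailing blanks:  ", verify_cleartext(wire.replace(b"Wien,\n", b"Wien, \t\n"))[0])
```

Trailing whitespace added in transit is canonicalized away and verifies; a Latin-1 transcoding or a format=flowed style reflow changes the hashed bytes and fails, which is why the thread's UTF-8 configuration question matters for inline signatures and not for PGP/MIME, where the signed part travels opaque.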
Re: PGP/MIME considered harmful for mobile
On 02/27/2011 12:21 PM, Robert J. Hansen wrote:
> On 2/26/11 9:24 PM, Jameson Rollins wrote:
>> http://josefsson.org/inline-openpgp-considered-harmful.html
>
> * IT DOESN'T HANDLE ATTACHMENTS.
>
> That's fine with me: 95%+ of my messages don't require attachments. Any technology that can hit 95% of the use case is fine by me.
>
> * IT DOESN'T LIKE CHARACTER ENCODINGS.
>
> Works fine for me with Latin-1 and UTF-8.
>
> * FORMAT=FLOWED DOESN'T WORK RELIABLY.
>
> I don't use format=flowed in the first place.
>
> ... and so on and so on. When I look at the objections to inline PGP, the more I realize inline PGP hits the sweet spot for me and for a great many other users.

How about "inline confuses users who don't know anything about OpenPGP"?

David
Re: PGP/MIME considered harmful for mobile
* David Tomaschik da...@systemoverlord.com [110227 19:22]:
> How about "inline confuses users who don't know anything about OpenPGP"?

100% agreed. Thank you!

Martin
Re: PGP/MIME considered harmful for mobile
On 2/27/11 1:13 PM, David Tomaschik wrote:
> How about "inline confuses users who don't know anything about OpenPGP"?

1. Why are you sending them signed emails anyway?
2. And seeing strange MIME attachments doesn't confuse people?
Re: PGP/MIME considered harmful for mobile
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

David Tomaschik da...@systemoverlord.com wrote:
> How about "inline confuses users who don't know anything about OpenPGP"?

Meh. If anything, inline signatures sparked conversation.

- --
Sent from my Android phone with K-9 Mail. Please excuse my brevity.
-----BEGIN PGP SIGNATURE-----
Version: APG v1.0.8

iQFFBAEBCgAvBQJNaqYYKBxBYXJvbiBUb3BvbmNlIDxhYXJvbi50b3BvbmNlQGdt
YWlsLmNvbT4ACgkQznkRt/wECI/ixQf+OdKjfR/eeYJAYZ/lZg2YcImYg9fLZ3ih
9q8QklaOFLHRE3zts7B2KQG2lTZrEOZjO061MMbcooqaLWAkYT5lNCSpNNutqPv7
xmn7JBqSwJF3AYrf25nsLcTT0edytrneO+Wq6/TrzhoVgU20lG51DnznggPqQClX
3KpwM7rEZ5L9PKV4X211TTgifM2Jh+SxXGmoTOcaZFgpkoJVRj8wdgXdkUqQPWbl
ny5/YLhhIhYwIYB1M+J3aYnep+jUWqe2ykSjtBv28TCgB4NtBuel8DEt+eUQBd2N
znZtOA1Cd8x1Z5lbys2ZWlfzgVbtxBNoW7J6GtfiKAq5PItrj7XWHA==
=aVXF
-----END PGP SIGNATURE-----
Re: PGP/MIME considered harmful for mobile
* Robert J. Hansen r...@sixdemonbag.org [110227 20:28]:
>> How about "inline confuses users who don't know anything about OpenPGP"?
>
> 1. Why are you sending them signed emails anyway?

I sign *all* my e-mail except for messages sent from my mobile (in that case, my signature tells the receiver why the message is not signed and offers the receiver to request a signed proof of authenticity later) or messages to people who can't receive signed messages (I had a case where e-mails arrived empty because of the MS Exchange/Antivirus/whatever combination at the receiver's workplace).

> 2. And seeing strange MIME attachments doesn't confuse people?

Less than strange text fragments at the head and the bottom of a message (some people even think they are being spammed when they see inline PGP data), because an attachment without useful data will rather be ignored.

Martin
Re: PGP/MIME considered harmful for mobile
Hi,

I once hoped the discussion about MIME vs. crufty inline signatures had been settled a long time ago. Today, when even Microsoft Outlook has been handling it correctly for more than 7 years, the new excuse seems to be some buggy new mail applications. I don't buy such an excuse. MIME is so primitive and easy to implement that any application can handle it. In fact it is easier to handle core MIME services correctly than not to do it. An application which does not handle MOSS correctly will for sure be broken in other areas as well. And you trust such buggy code to render HTML mails?

It's been more than 15 years that MOSS has been defined:

  1847 Security Multiparts for MIME: Multipart/Signed and Multipart/Encrypted. J. Galvin, S. Murphy, S. Crocker, N. Freed. October 1995. (Format: TXT=23679 bytes) (Status: PROPOSED STANDARD)

PGP/MIME (rfc2015, 1996) is not required to display signed MOSS mails. We should expect that 1847 has been implemented in any MIME aware MUA; in particular as it seems that S/MIME, which is also based on MOSS, does work.

Please go and fix these buggy mail applications. I heard rumors that Android is about Free Software and the reason for its success; thus where is the problem? .-)

Shalom-Salam,

   Werner

--
Thoughts are free. Exceptions are governed by a federal law.
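To make Werner's point concrete, the following is an added example (not code from GnuPG, from the RFCs or from any MUA) that builds an RFC 1847 multipart/signed message with nothing but Python's standard email package and then does the verifier's side: locate the two parts, re-serialize the first one canonically and check the second part against it. An HMAC over the canonical entity stands in for the OpenPGP detached signature a real client would obtain from gpg, so the example runs offline; the stand-in key, the address and the body text are constructed.

```python
"""RFC 1847 multipart/signed, built and verified with Python's standard
email package.  Added example for this thread, not code from GnuPG or from
any MUA.  An HMAC over the canonical signed entity stands in for the OpenPGP
detached signature that a real MUA would obtain from gpg, so the example
runs offline; the MIME structure and the canonicalization are the point."""

import hashlib
import hmac
from email import encoders, message_from_bytes, policy
from email.mime.application import MIMEApplication
from email.mime.multipart import MIMEMultipart
from email.mime.text import MIMEText

# Constructed stand-in key; a real implementation has no shared secret here.
STAND_IN_KEY = b"constructed-example-key"


def canonical_entity(part) -> bytes:
    """The signed data is the whole first body part, MIME headers included,
    serialized with CRLF line endings (RFC 1847 section 2.1, RFC 3156
    section 5).  The CRLF before the closing boundary belongs to the
    boundary (RFC 2046), so one trailing CRLF is dropped: the freshly built
    entity and the one re-read from the wire then compare equal."""
    raw = part.as_bytes(policy=policy.SMTP)
    return raw[:-2] if raw.endswith(b"\r\n") else raw


def stand_in_signature(data: bytes) -> bytes:
    return hmac.new(STAND_IN_KEY, data, hashlib.sha256).hexdigest().encode("ascii")


def build_signed_message(body_text: str) -> bytes:
    """Wrap body_text as text/plain (UTF-8, base64) inside multipart/signed."""
    body = MIMEText(body_text, "plain", "utf-8")
    signature = stand_in_signature(canonical_entity(body))
    sig_part = MIMEApplication(signature, "pgp-signature",
                               _encoder=encoders.encode_7or8bit)
    outer = MIMEMultipart("signed", protocol="application/pgp-signature",
                          micalg="pgp-sha256")
    outer["From"] = "Martin <martin@example.invalid>"   # constructed address
    outer["Subject"] = "multipart/signed example"
    outer.attach(body)
    outer.attach(sig_part)
    return outer.as_bytes(policy=policy.SMTP)


def verify_signed_message(raw: bytes) -> bool:
    """What a MIME-aware MUA has to do: find the two parts, re-serialize the
    first one canonically, and check the second part against it.  The
    headers of the signed part are covered too, not just the text."""
    msg = message_from_bytes(raw, policy=policy.default)
    if msg.get_content_type() != "multipart/signed":
        return False
    if msg.get_param("protocol") != "application/pgp-signature":
        return False
    parts = msg.get_payload()
    if len(parts) != 2 or parts[1].get_content_type() != "application/pgp-signature":
        return False
    expected = stand_in_signature(canonical_entity(parts[0]))
    presented = parts[1].get_payload(decode=True).strip()
    return hmac.compare_digest(expected, presented)


if __name__ == "__main__":
    raw = build_signed_message("Hi list, Grüße from the real Martin.")  # constructed
    print(raw.decode("ascii"))
    print("verifies:", verify_signed_message(raw))
    tampered = raw.replace(b'charset="utf-8"', b'charset="latin-1"', 1)
    print("header of signed part altered:", verify_signed_message(tampered))
```

A client that cannot find the first body part and hand its bytes to a verifier is failing at core MIME, not at OpenPGP; the same two-part walk is what S/MIME needs, and the non-ASCII text travels base64-encoded inside the signed part, untouched by any charset handling the MUA does for display.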
Re: PGP/MIME considered harmful for mobile
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

On 02/27/2011 02:37 PM, Martin Gollowitzer wrote:
> * Robert J. Hansen r...@sixdemonbag.org [110227 20:28]:
>>> How about "inline confuses users who don't know anything about OpenPGP"?
>>
>> 1. Why are you sending them signed emails anyway?
>
> I sign *all* my e-mail except for messages sent from my mobile (in that case, my signature tells the receiver why the message is not signed and offers the receiver to request a signed proof of authenticity later) or messages to people who can't receive signed messages (I had a case where e-mails arrived empty because of the MS Exchange/Antivirus/whatever combination at the receiver's workplace).
>
>> 2. And seeing strange MIME attachments doesn't confuse people?
>
> Less than strange text fragments at the head and the bottom of a message (some people even think they are being spammed when they see inline PGP data), because an attachment without useful data will rather be ignored.
>
> Martin

Hey guys,

Both camps can argue all day and they're not going to change anyone's mind. Both standards are valid, one doesn't supersede the other, and if you're interested in OpenPGP, you probably want to run a mail client that can handle both Inline and PGP/Mime messages. If your contacts aren't interested, they should at least be able to read your emails.

Which takes us back to the start of this conversation. Apparently Robert's mail client on Android doesn't like PGP/MIME messages, and won't display the body of a PGP/MIME message. Several other people have said that the default mail client shows the message body just fine, and that alternate mail clients like K-9 do the same.

Can we narrow down exactly when PGP/MIME is broken on droid phones? Maybe start a new thread where people report their results since this one is getting pretty big and has many side arguments?

Subject: "Android PGP/Mime Test"
List whether or not your phone displays PGP/Mime messages, the model and manufacturer, droid version, email client and version?

I do have a droid, but I don't use email on it. I'll fire up a test account and report back. I suppose if anyone wants to test on an iPhone, Blackberry, or other smartphone, that info would be handy as well.

- --
- -Grant

"Look around! Can you construct some sort of rudimentary lathe?"
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.18-gitcb2f55e (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQEcBAEBCgAGBQJNaq07AAoJEP5F5V2hilTWgxUH/Az030ku4pq+w2pla3LYzElC
6xQNKvNnPplI1IWNXq9Sfi0yf910ti/Y/d+vJUPT5PehZ76gzFyAsHuN5+DX7hux
/7gKzxIw+vaMaaZ4KTyieW5rkRgfEYlhDOfGjFo/GIzmXwyI4+wMqZGArdqfaZO/
Mxh7jpbVVrhgbUXZRle6EX7Mzh09M9iVP70sqTFY4ZJxkktvkCNAhBsfFuGvBgW/
dSRgC3QazJpsJrsY6y5ZkWtlBF4QopnMMbO2naG7MmlrfWb9SMvRKOBNAZ6B+MJX
Kqnh+RlabokVAsy3DxHa308p1VhSamgGtPy8VBnNhbQOYDW1ASWtPHLspU+TkWg=
=VPUx
-----END PGP SIGNATURE-----
Re: PGP/MIME considered harmful for mobile
On 2/27/11 2:37 PM, Martin Gollowitzer wrote:
> I sign *all* my e-mail except for messages sent from my mobile (in that case, my signature tells the receiver why the message is not signed and offers the receiver to request a signed proof of authenticity later) or messages to people who can't receive signed messages (I had a case where e-mails arrived empty because of the MS Exchange/Antivirus/whatever combination at the receiver's workplace).

You may want to reconsider this practice. Signatures have value if they are correct, originating from a validated key, belonging to a trusted individual. If any of those are absent the signature is more or less just line noise. You cannot make any logical inferences from a signature that is bad, that comes from a non-validated key, or an untrusted individual.

The overwhelming majority of signatures I've seen have been somewhere between irrelevant and useless. People tend to fetishize them something fierce.

>> 2. And seeing strange MIME attachments doesn't confuse people?
>
> Less than strange text fragments at the head and the bottom of a message (some people even think they are being spammed when they see inline PGP data), because an attachment without useful data will rather be ignored.

Show me the HCI study, please. This may be a true claim, but I'm not willing to accept it as such on the basis of one person's anecdotal experiences.
Re: PGP/MIME considered harmful for mobile
On Sunday 27 February 2011, Aaron Toponce wrote:
> David Tomaschik da...@systemoverlord.com wrote:
>> How about inline confuses users who don't know anything about OpenPGP?
>
> Meh. If anything, inline signatures sparked conversation.

Yeah. I think we should stop this pointless discussion. I doubt that any person was convinced one way or the other by this thread. Apparently, the message that started this thread was a gross overreaction, as tests by others who couldn't reproduce the problem on multiple mobiles with multiple mail clients seem to show.

I will continue to sign my messages in blue.

Regards,
Ingo
Re: PGP/MIME considered harmful for mobile
On Feb 27, 2011, at 2:48 PM, Robert J. Hansen wrote:
>>> 2. And seeing strange MIME attachments doesn't confuse people?
>>
>> Less than strange text fragments at the head and the bottom of a message (some people even think they are being spammed when they see inline PGP data), because an attachment without useful data will rather be ignored.
>
> Show me the HCI study, please. This may be a true claim, but I'm not willing to accept it as such on the basis of one person's anecdotal experiences.

Can I see the HCI study that MIME attachments confuse people? ;)

David
Re: PGP/MIME considered harmful for mobile
On 02/27/2011 12:37 PM, Martin Gollowitzer wrote:
> I sign *all* my e-mail except for messages sent from my mobile (in that case, my signature tells the receiver why the message is not signed and offers the receiver to request a signed proof of authenticity later) or messages to people who can't receive signed messages (I had a case where e-mails arrived empty because of the MS Exchange/Antivirus/whatever combination at the receiver's workplace).

Not me. I only sign those that I'm willing to stand behind (which is the vast majority), but if I want to go off-the-record, I encrypt the mail with the recipient's key and do not sign it. I may change the From: header and use Tor, depending on the sensitivity and the need to remain anonymous.
Re: PGP/MIME considered harmful for mobile
On 02/27/2011 02:04, Ingo Klöcker wrote:
> On Saturday, February 26, 2011, MFPA wrote:
>> Hi
>>
>> On Friday 25 February 2011 at 1:45:03 AM, in mid:87lj14x4yo@servo.finestructure.net, Jameson Rollins wrote:
>>> Yikes! I thought we were almost done killing inline signatures! Don't revive it now! If PGP/MIME is broken on android, we need to get them to fix it, not go backwards to inline pgp.
>>
>> Using inline PGP signatures means using the simpler and more reliable of the two solutions. The fact that its specification was defined earlier does not mean using inline signatures is a step backwards; PGP/MIME is a complement to pgp inline, not a replacement.
>
> The major problem I see with using cleartext signatures in email is the lack of support for non-ASCII text (or, more precisely, character encoding).

Can you provide examples that do not work when both the mail client(s) and gnupg are properly configured to use UTF-8?

--
Nothin' ever doesn't change, but nothin' changes much. -- OK Go

Breadth of IT experience, and depth of knowledge in the DNS. Yours for the right price. :) http://SupersetSolutions.com/
Re: PGP/MIME considered harmful for mobile
On 02/27/2011 00:25, Martin Gollowitzer wrote:
> * Doug Barton do...@dougbarton.us [110227 05:30]:
>> If you look at the characteristics of the actual messages, encrypted mail is very similar whether it's in-line or MIME. It's signed messages that make things interesting because the signature in a MIME message is actually (sort of) an attachment but also sort of not, which is why it confuses simple mail readers like Outlook Express.
>
> Encrypted messages differ from signed messages.

Yes, of course. Not sure how that's relevant. :)

> The percentage of inline-signed messages I receive with bad signatures is much higher than the number of PGP/MIME messages with broken signatures.

If you're using Mutt exclusively, that's likely the problem. My experience is different because I use Thunderbird primarily, and I see a failure rate (very) slightly higher for MIME-signed messages, but that's usually because enigmail hasn't done the appropriate EOL munging. I have a set of scripts for PGP on Alpine that render most of those correctly, so the actual failure rate for the signatures themselves is pretty much equal.

> Despite that, there are MUAs which do not automatically parse every message completely to see if there's inline PGP content in them, but if they see that a message uses PGP/MIME they immediately try to decrypt/verify the message.

Once again, while what you're saying may be true, it's not really relevant to the fact that there are a non-trivial number of MUAs in the installed base that simply choke on PGP/MIME.

The simple fact is that both types of signatures have valid use cases, and there is really no point in trying to convince people not to use one method or the other. It's equally silly to use disparaging language about either method.

Doug

--
Nothin' ever doesn't change, but nothin' changes much. -- OK Go

Breadth of IT experience, and depth of knowledge in the DNS. Yours for the right price. :) http://SupersetSolutions.com/
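To make the "sort of an attachment" structure and the EOL-munging failures discussed above concrete, here is an added example (not code from the thread or from GnuPG) that builds the RFC 3156 multipart/signed container with the Python standard library and shows exactly which bytes a verifier hashes. The addresses, body and detached signature are constructed placeholders; no real OpenPGP signing happens.

```python
# Added example, not code from this thread or from GnuPG: builds the RFC 3156
# PGP/MIME multipart/signed container and shows which bytes a verifier hashes,
# so that the "EOL munging" and gateway failures discussed above are concrete.
# Standard library only; the detached signature is a constructed placeholder.
import email
import hashlib
from email import encoders, policy
from email.mime.application import MIMEApplication
from email.mime.multipart import MIMEMultipart
from email.mime.text import MIMEText

# Constructed sample body. The trailing spaces on the second line are
# deliberate: some transports strip them, which is one way signatures break.
SAMPLE_BODY = "Hi all,\nsee you at the meeting   \n-- Martin\n"

# Constructed stand-in for the armored detached signature a signing tool
# would emit over the canonical first part (no real signing happens here).
PLACEHOLDER_SIG = (
    "-----BEGIN PGP SIGNATURE-----\n"
    "(constructed placeholder, not a real signature)\n"
    "-----END PGP SIGNATURE-----\n"
)

# Senders put CRLF on the wire; RFC 3156 hashes the signed part in that form.
WIRE = policy.compat32.clone(linesep="\r\n")


def canonicalize(raw: bytes) -> bytes:
    """Bring a MIME part to RFC 3156 canonical form: every line ends in CRLF.
    Bare LF or CR are unified first, so a verifier gets the same bytes whether
    the message arrived with CRLF or was rewritten to LF in transit."""
    unified = raw.replace(b"\r\n", b"\n").replace(b"\r", b"\n")
    return unified.replace(b"\n", b"\r\n")


def build_pgp_mime_signed(body: str, detached_sig: str) -> bytes:
    """Serialise a multipart/signed message: part 1 is the signed data (a
    complete MIME entity, headers included), part 2 the detached signature.
    Part 2 is what simple MUAs show as an attachment called signature.asc."""
    signed_part = MIMEText(body, "plain", "us-ascii")
    container = MIMEMultipart(
        "signed", protocol="application/pgp-signature", micalg="pgp-sha256"
    )
    container["From"] = "martin@example.invalid"  # constructed addresses
    container["To"] = "list@example.invalid"
    container["Subject"] = "PGP/MIME example"
    container.attach(signed_part)
    sig_part = MIMEApplication(
        detached_sig.encode("ascii"), "pgp-signature",
        _encoder=encoders.encode_7or8bit,
    )
    sig_part.add_header("Content-Description", "OpenPGP digital signature")
    container.attach(sig_part)
    return container.as_bytes(policy=WIRE)


def signed_part_digest(raw_message: bytes) -> str:
    """Return the SHA-256 of exactly the bytes an RFC 3156 verifier hands to
    OpenPGP: the first body part, canonicalised. Rejects anything that is
    not a two-part PGP/MIME multipart/signed container."""
    msg = email.message_from_bytes(raw_message, policy=policy.default)
    if msg.get_content_type() != "multipart/signed":
        raise ValueError("not multipart/signed: " + msg.get_content_type())
    if msg.get_param("protocol") != "application/pgp-signature":
        raise ValueError("not a PGP/MIME signature")
    parts = msg.get_payload()
    if len(parts) != 2:
        raise ValueError("multipart/signed needs exactly two parts")
    if parts[1].get_content_type() != "application/pgp-signature":
        raise ValueError("second part is not the detached signature")
    return hashlib.sha256(canonicalize(parts[0].as_bytes())).hexdigest()


def gateway_lf_only(raw: bytes) -> bytes:
    """Transport that rewrites CRLF to bare LF; harmless once canonicalised."""
    return raw.replace(b"\r\n", b"\n")


def gateway_strip_trailing_ws(raw: bytes) -> bytes:
    """Transport that strips trailing whitespace from every line; this changes
    the signed bytes, so verification fails although the signature is fine."""
    return b"\r\n".join(line.rstrip(b" \t") for line in raw.split(b"\r\n"))


if __name__ == "__main__":
    wire = build_pgp_mime_signed(SAMPLE_BODY, PLACEHOLDER_SIG)
    reference = signed_part_digest(wire)
    print("LF-only transport keeps the signature valid:",
          signed_part_digest(gateway_lf_only(wire)) == reference)
    print("whitespace-stripping transport keeps the signature valid:",
          signed_part_digest(gateway_strip_trailing_ws(wire)) == reference)
```

A BADSIG after the second gateway is a transport problem, not evidence about the sender, which is why a bad signature on a list message mostly says "check your mail system".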
Re: PGP/MIME considered harmful for mobile
On Feb 27, 2011, at 2:48 PM, Robert J. Hansen wrote:
> On 2/27/11 2:37 PM, Martin Gollowitzer wrote:
>> I sign *all* my e-mail except for messages sent from my mobile (in that case, my signature tells the receiver why the message is not signed and offers the receiver to request a signed proof of authenticity later) or messages to people who can't receive signed messages (I had a case where e-mails arrived empty because of the MS Exchange/Antivirus/whatever combination at the receiver's workplace).
>
> You may want to reconsider this practice. Signatures have value if they are correct, originating from a validated key, belonging to a trusted individual. If any of those are absent the signature is more or less just line noise. You cannot make any logical inferences from a signature that is bad, that comes from a non-validated key, or an untrusted individual.

I disagree with this. Obviously a bad signature doesn't say much (except perhaps "check your mail system - it's breaking things"), but there is still value in the continuity between multiple signed messages. It's important to not make of that more than it is: for all I know there are 200 people all sharing key 1CF3A917, but it does raise the bar for someone who wants to claim to be Martin. (and insert key ID collision attack here!)

David
Re: PGP/MIME considered harmful for mobile
On 27-02-2011 15:30, Martin Gollowitzer wrote:
> * David Tomaschik da...@systemoverlord.com [110227 19:22]:
>> How about inline confuses users who don't know anything about OpenPGP?
>
> 100% agreed. Thank you!

IMHO they would be even more confused if they can read the message. And some others see the attached signatures and think "Virus! Hit delete, hit delete!".

Best Regards
Re: PGP/MIME considered harmful for mobile
On 02/27/2011 11:36, Werner Koch wrote:
> Hi,
>
> I once hoped the discussion about MIME vs. crufty inline signatures had been settled a long time ago.

I love/admire your optimism. :)

> Today, when even Microsoft Outlook has handled it correctly for more than 7 years, the new excuse seems to be some buggy new mail applications.

[...]

There is still a large installed base of MUAs that don't handle PGP/MIME properly, such as Outlook Express. So ...

> Please go and fix these buggy mail applications.

... is a totally unrealistic way to view the world. There are valid use cases for both types of signatures; hoping that one or the other will go away is equally unrealistic. :)

Doug

--
Nothin' ever doesn't change, but nothin' changes much. -- OK Go

Breadth of IT experience, and depth of knowledge in the DNS. Yours for the right price. :) http://SupersetSolutions.com/
Re: PGP/MIME considered harmful for mobile
On Feb 27, 2011, at 5:17 PM, David Shaw wrote:
> Can I see the HCI study that MIME attachments confuse people? ;)

I would love to see such a study. However, I never made that claim. :)

Someone else made the claim "PGP/MIME is superior because inline OpenPGP signatures confuse people." Okay, I'll stipulate the latter: but to argue that inline OpenPGP signatures confuse people but PGP/MIME signatures don't (or that they confuse people much less) seems to me to be kind of a stretch.

If someone is arguing either that PGP/MIME signatures confuse people more or less than inline OpenPGP signatures, well, it's a neat hypothesis, but I want to see usability data before I'll sign onto that.
Re: PGP/MIME considered harmful for mobile
> I disagree with this. Obviously a bad signature doesn't say much (except perhaps "check your mail system - it's breaking things"), but there is still value in the continuity between multiple signed messages. It's important to not make of that more than it is: for all I know there are 200 people all sharing key 1CF3A917, but it does raise the bar for someone who wants to claim to be Martin.

I used to believe this, up until John Moore, John Clizbe and I did a small experiment on PGP-Basics. We all shared a certificate and used it to sign our emails. It was literally weeks before anyone noticed.

Continuity is a great idea, but based on my own (limited and anecdotal) experience, it does not play a significant role in the real world. Unfortunately, I don't have anything more empirical to stand upon than that one ad-hoc experiment!
Re: PGP/MIME considered harmful for mobile
On 27-02-2011 20:54, Jean-David Beyer wrote:
> Faramir wrote:
> ...
>> IMHO they would be even more confused if they can read the message. And some others see the attached signatures and think "Virus! Hit delete, hit delete!".
> ...
> If someone sees my inline signature and thinks "Virus...", let them. If it were a virus, by the time they saw that it would be too late, would it not?

Well, I was talking about attached signatures, like in PGP/MIME. But it would be interesting to receive a text saying "please compile this virus source code and run it. Thanks".

Best Regards
Re: PGP/MIME considered harmful for mobile
> I'm not at all surprised that you had those results. A limited subset of people have support for OpenPGP signatures. A limited subset of those people actually verify signatures. A limited subset of those people actually pay attention to what those signatures say.

Yes: but one would hope that on PGP-Basics those limited subsets would be present in significant numbers, much as on GnuPG-Users.

> It is reasonable that if someone was being masqueraded, that person would speak up and challenge the forger (e.g. "Hey, you're not Martin! I'm the real Martin, and I can prove it by signing this message with the same key I've used all along"). If the real Martin waited for someone else to notice, well, he may end up waiting for a long time.

I'm not sure this is reasonable. If the real Martin doesn't care about what I'm saying, what motive does he have to check the signatures on my messages?
Re: PGP/MIME considered harmful for mobile
On Feb 27, 2011, at 10:05 PM, Robert J. Hansen wrote:
>> I'm not at all surprised that you had those results. A limited subset of people have support for OpenPGP signatures. A limited subset of those people actually verify signatures. A limited subset of those people actually pay attention to what those signatures say.
>
> Yes: but one would hope that on PGP-Basics those limited subsets would be present in significant numbers, much as on GnuPG-Users.

I wouldn't hope that. Or perhaps, I might hope that, but certainly not expect it. Do you check the signatures on each message you get on PGP-Basics or GnuPG-Users? I certainly don't. The fact that a message is signed on a public list is of little interest to me. Barring a situation like the Martin/Fake Martin we're talking about (i.e. if someone felt they were being spoofed and called the group's attention to it), I probably wouldn't bother to look at the signatures at all.

>> It is reasonable that if someone was being masqueraded, that person would speak up and challenge the forger (e.g. "Hey, you're not Martin! I'm the real Martin, and I can prove it by signing this message with the same key I've used all along"). If the real Martin waited for someone else to notice, well, he may end up waiting for a long time.
>
> I'm not sure this is reasonable. If the real Martin doesn't care about what I'm saying, what motive does he have to check the signatures on my messages?

I think we're missing each other here. We have Martin (the real one), the fake Martin (let's call him Marty), and various other people on a mailing list. Martin always signs his messages. One day Marty shows up and tries to pretend to be Martin. Martin, not wanting someone else to pretend to be him, can easily say: "You're not Martin. I am Martin, and I can prove it: I have signed this message with the same key that I've used for all my other messages."

David
Re: PGP/MIME considered harmful for mobile
On Feb 27, 2011, at 9:38 PM, Robert J. Hansen wrote:
>> I disagree with this. Obviously a bad signature doesn't say much (except perhaps "check your mail system - it's breaking things"), but there is still value in the continuity between multiple signed messages. It's important to not make of that more than it is: for all I know there are 200 people all sharing key 1CF3A917, but it does raise the bar for someone who wants to claim to be Martin.
>
> I used to believe this, up until John Moore, John Clizbe and I did a small experiment on PGP-Basics. We all shared a certificate and used it to sign our emails. It was literally weeks before anyone noticed.
>
> Continuity is a great idea, but based on my own (limited and anecdotal) experience, it does not play a significant role in the real world. Unfortunately, I don't have anything more empirical to stand upon than that one ad-hoc experiment!

I'm not at all surprised that you had those results. A limited subset of people have support for OpenPGP signatures. A limited subset of those people actually verify signatures. A limited subset of those people actually pay attention to what those signatures say.

Still, that experiment doesn't exactly measure what I'm suggesting. In your experiment, you all kept quiet and waited for other people to notice. It is reasonable that if someone was being masqueraded, that person would speak up and challenge the forger (e.g. "Hey, you're not Martin! I'm the real Martin, and I can prove it by signing this message with the same key I've used all along"). If the real Martin waited for someone else to notice, well, he may end up waiting for a long time.

David
Re: PGP/MIME considered harmful for mobile
On 28/02/11 12:35 PM, Robert J. Hansen wrote:
> On Feb 27, 2011, at 5:17 PM, David Shaw wrote:
>> Can I see the HCI study that MIME attachments confuse people? ;)
>
> I would love to see such a study. However, I never made that claim. :)
>
> Someone else made the claim "PGP/MIME is superior because inline OpenPGP signatures confuse people." Okay, I'll stipulate the latter: but to argue that inline OpenPGP signatures confuse people but PGP/MIME signatures don't (or that they confuse people much less) seems to me to be kind of a stretch.

I've seen both confuse people. In-line generally produced general confusion about what it was; PGP/MIME produced either "I couldn't open that attachment" or "careful, you might have a virus". At which point I usually responded with a pre-written explanation of what it was, why I used it and why their (usually Microsoft) MUA couldn't handle it.

I haven't received a panicked or confused response like that in a few years, but I do occasionally get questions as to what it is that are more just people being curious. I see this gradual shift in reactions as a good thing.

Regards,
Ben
Re: PGP/MIME considered harmful for mobile
On 28/02/11 2:02 PM, David Shaw wrote:
> I'm not at all surprised that you had those results. A limited subset of people have support for OpenPGP signatures. A limited subset of those people actually verify signatures. A limited subset of those people actually pay attention to what those signatures say.

And a limited subset of those will actually speak up. ;)

Regards,
Ben
Re: PGP/MIME considered harmful for mobile
> I think we're missing each other here. We have Martin (the real one), the fake Martin (let's call him Marty), and various other people on a mailing list. Martin always signs his messages. One day Marty shows up and tries to pretend to be Martin. Martin, not wanting someone else to pretend to be him, can easily say: "You're not Martin. I am Martin, and I can prove it: I have signed this message with the same key that I've used for all my other messages."

Then we're at an impasse, because that claim wouldn't fly with me. Let's imagine Fake-Martin and Real-Martin (FM and RM).

FM: [message]
RM: Hey, that's not me! I'm me. See? I've signed this with the same cert I've used for everything else on this list.
FM: No, I'm the real Martin. I didn't sign up for this mailing list until last week. You signed up here a long time ago and posted messages pretending to be me, so that when I came on the list you could falsely claim to be me!
RM: But I'm the real Martin! I've been posting here for months!
FM: Prove it. You can't! Therefore, I'm the real Martin.
RM: But you can't prove it either!

We like to view signatures as purely mathematical things. If certain preconditions are met, then a signature has this semantic meaning, etcetera. Unfortunately, signatures are also social constructs, and social machinery tends to be full of people behaving irrationally. Given this, I would have to say, "I don't know who's real and who's fake. They both make very credible claims."

If I wanted to do a credibility attack on Martin, you'd better believe I'd make it a point to get on the mailing list first.
Re: PGP/MIME considered harmful for mobile
On Feb 27, 2011, at 10:27 PM, Robert J. Hansen wrote:
>> I think we're missing each other here. We have Martin (the real one), the fake Martin (let's call him Marty), and various other people on a mailing list. Martin always signs his messages. One day Marty shows up and tries to pretend to be Martin. Martin, not wanting someone else to pretend to be him, can easily say: "You're not Martin. I am Martin, and I can prove it: I have signed this message with the same key that I've used for all my other messages."
>
> Then we're at an impasse, because that claim wouldn't fly with me. Let's imagine Fake-Martin and Real-Martin (FM and RM).
>
> FM: [message]
> RM: Hey, that's not me! I'm me. See? I've signed this with the same cert I've used for everything else on this list.
> FM: No, I'm the real Martin. I didn't sign up for this mailing list until last week. You signed up here a long time ago and posted messages pretending to be me, so that when I came on the list you could falsely claim to be me!
> RM: But I'm the real Martin! I've been posting here for months!
> FM: Prove it. You can't! Therefore, I'm the real Martin.
> RM: But you can't prove it either!

I'm not talking about proving who is *named* Martin and who isn't. That's not very important (or doable on a mailing list anyway). What is significant is that the Martin that has been posting on the list and signing their messages has a continuity he can point to. If I were Martin, I'd respond: "I am the Martin that has been using this mailing list for the past few months. I've had many interesting conversations here, and signed them all. I am signing this message too. I am the same Martin that you all have been conversing with. This man claims to be Martin too. Whether he is or not, *he's not the guy you've been talking to for months*."

Or put another way, he's the Martin that they know.

There is nothing dramatically new about this idea. It's how nym users have identified themselves for years.

David
[was: Re: PGP/MIME considered harmful for mobile]
On 02/27/2011 08:31 PM, Robert J. Hansen wrote:
> the default mail app on a Verizon Droid X running Android 2.2 has broken MIME support.

Please post this bit of useful detail to the "Android PGP/MIME test results" thread started by Grant Olson, which actually has an acceptable signal-to-noise ratio. If you could be more specific about versions and application names, that'd be great (an earlier e-mail from you mentioned droid 2.2.something, so i'm not sure what to make of the version numbers in this e-mail).

Thanks for trying to make a useful bug report. Hopefully someone who knows more about android can actually get it to the right people and follow up here about it.

--dkg
Re: PGP/MIME considered harmful for mobile
On 02/27/2011 10:22 PM, Ben McGinnes wrote:
> On 28/02/11 2:02 PM, David Shaw wrote:
>> I'm not at all surprised that you had those results. A limited subset of people have support for OpenPGP signatures. A limited subset of those people actually verify signatures. A limited subset of those people actually pay attention to what those signatures say.
>
> And a limited subset of those will actually speak up. ;)

Especially on a list where many people self-identify as newbies.

I've been toying with the idea of expiring my key and seeing how long it takes for anyone to notice. In fact, I've just decided I will do this sometime in the next year. It'll be interesting to see how long it takes people to notice even after I've announced my intentions.

If anyone remembers this conversation when I do this, please let me know my key is expired off-list, so we can collect more data than the first responder.

--
-Grant

Look around! Can you construct some sort of rudimentary lathe?
Re: [was: Re: PGP/MIME considered harmful for mobile]
> Please post this bit of useful detail to the "Android PGP/MIME test results" thread started by Grant Olson, which actually has an acceptable signal-to-noise ratio.

As I have said a few times now, I have been out of town at a funeral. I have just now returned and am for the most part exhausted. For the most part, the messages I've been replying to have not demanded much out of me: nothing more than just a couple of facts off the top of my head and a little bit of logical thought. Putting together a formal bug report, complete with screen shots and whatnot, is a little more demanding. I'll get to it when I no longer feel wrung-out and exhausted from burying my uncle.

Thanks. :)
Re: PGP/MIME considered harmful for mobile
On 28-02-2011 0:27, Robert J. Hansen wrote:
> ...
> Then we're at an impasse, because that claim wouldn't fly with me. Let's imagine Fake-Martin and Real-Martin (FM and RM).
>
> FM: [message]
> RM: Hey, that's not me! I'm me. See? I've signed this with the same cert I've used for everything else on this list.
> FM: No, I'm the real Martin. I didn't sign up for this mailing list until last week. You signed up here a long time ago and posted messages pretending to be me, so that when I came on the list you could falsely claim to be me!
> ...

At this point, and since it is about a mailing list, I would be more interested in knowing who is the real "Martin", even if his name is not Martin. In other words, I don't know if you write using your real name, but I still would like to know if someone else is trying to impersonate you.

Best Regards
Re: PGP/MIME considered harmful for mobile
On Feb 27, 2011, at 8:35 PM, Robert J. Hansen wrote:
> On Feb 27, 2011, at 5:17 PM, David Shaw wrote:
>> Can I see the HCI study that MIME attachments confuse people? ;)
>
> I would love to see such a study. However, I never made that claim. :)
>
> Someone else made the claim "PGP/MIME is superior because inline OpenPGP signatures confuse people." Okay, I'll stipulate the latter: but to argue that inline OpenPGP signatures confuse people but PGP/MIME signatures don't (or that they confuse people much less) seems to me to be kind of a stretch.

I suspect that given a client that properly implements MIME (meaning in this case that it would show the regular text, whether or not it were capable of verifying the signature), inline would be more confusing, for reason of numbers. For users of those mail clients, they see a signed message as much the same thing they'd have seen if the mail hadn't been signed at all. For example, Apple's various mail programs do this (I suspect some common code there). For those clients, inline (where you see something) is bound to be more confusing than MIME (where you see nothing) for the simple reason that something is more visible than nothing. Like you, I have no study to point to, but it seems reasonable.

Of course, your phone notwithstanding, how large the set of clients that properly implement MIME is remains an open question...

Personally, when I need to make a signature, I usually just consider the audience. For a list like this, I'd probably PGP/MIME it. For other audiences, perhaps not.

David
Re: PGP/MIME considered harmful for mobile
On 28/02/11 2:59 PM, Grant Olson wrote:
> I've been toying with the idea of expiring my key and seeing how long it takes for anyone to notice. In fact, I've just decided I will do this sometime in the next year. It'll be interesting to see how long it takes people to notice even after I've announced my intentions.

Heh. Are you aiming for some kind of simultaneously expired and accepted key? Schrödinger's Key, if you will.

> If anyone remembers this conversation when I do this, please let me know my key is expired off-list, so we can collect more data than the first responder.

Great, it'll be like a scavenger hunt! :)

Regards,
Ben
Re: PGP/MIME considered harmful for mobile
On 02/27/2011 11:48 PM, Ben McGinnes wrote:
> On 28/02/11 2:59 PM, Grant Olson wrote:
>> I've been toying with the idea of expiring my key and seeing how long it takes for anyone to notice. In fact, I've just decided I will do this sometime in the next year. It'll be interesting to see how long it takes people to notice even after I've announced my intentions.
>
> Heh. Are you aiming for some kind of simultaneously expired and accepted key? Schrödinger's Key, if you will.

Yep, basically I will set my key to expire one day later and push it to the keyservers. I will intentionally not retrieve the updated expiration on my machines and continue to sign as usual. And see how long it takes people to catch on.

I've always wondered how many people would actually realize a key has been revoked after publishing a revcert to the keyservers. If I could undo a revocation, I'd do that instead. But I think an expiration is a good enough simulation. It should cause people to raise some eyebrows if they're refreshing their keyrings regularly.

I've already got a date picked out. You've been warned... ;-)

--
-Grant

Look around! Can you construct some sort of rudimentary lathe?
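Two things in this thread are checkable by machine rather than by people noticing: David's "continuity" argument (the Martin who has signed every post with the same key can point to that history, while a colliding key ID would fool anyone who looks only at the short ID) and Grant's planned expiry, which a recipient only sees after refreshing their keyring. The following added example (not code from the thread or from GnuPG) pins the primary-key fingerprint per display name from GnuPG --status-fd output; the status lines, names and fingerprints are constructed samples, and the line formats are the documented GOODSIG/EXPKEYSIG/BADSIG/NO_PUBKEY/VALIDSIG ones.

```python
# Added example, not code from this thread or from GnuPG: a first-use pinning
# check that evaluates the "continuity" of signatures on a list and surfaces
# an expired signing key. It consumes GnuPG --status-fd lines in their
# documented form; every status line, name and fingerprint is a constructed
# sample.
import re
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple

STATUS_RE = re.compile(r"^\[GNUPG:\] (\S+)(?: (.*))?$")

# Constructed fingerprints. The second differs from the first but shares its
# last 8 hex digits, i.e. the same short key ID (the "key ID collision" case).
# Only full fingerprints are compared below.
MARTIN_FPR = "1111222233334444555566667777888899990000"
COLLIDER_FPR = "DEADBEEFDEADBEEFDEADBEEFDEADBEEF99990000"
UID = "Martin <martin@example.invalid>"


def status(keyword: str, fpr: str, uid: str = UID) -> List[str]:
    """Build the status lines gpg emits for one verified signature."""
    # VALIDSIG fields: signing-key fpr, creation date, timestamp, expiry,
    # version, reserved, pubkey algo, hash algo, sig class, primary-key fpr.
    validsig = (f"[GNUPG:] VALIDSIG {fpr} 2011-02-27 1298800000 0 4 0 17 8 01 "
                f"{fpr}")
    return [f"[GNUPG:] {keyword} {fpr[-16:]} {uid}", validsig]


@dataclass
class Verification:
    result: Optional[str] = None       # GOODSIG, EXPKEYSIG, BADSIG, NO_PUBKEY
    primary_fpr: Optional[str] = None  # from VALIDSIG; None without a valid sig


def parse_status(lines: List[str]) -> Verification:
    v = Verification()
    for line in lines:
        m = STATUS_RE.match(line.strip())
        if not m:
            continue
        keyword, rest = m.group(1), (m.group(2) or "")
        if keyword in ("GOODSIG", "EXPKEYSIG", "REVKEYSIG", "BADSIG", "NO_PUBKEY"):
            v.result = keyword
        elif keyword == "VALIDSIG":
            fields = rest.split()
            # Pin the primary key (last field when present) rather than the
            # signing subkey, so a subkey rotation is not reported as a new identity.
            v.primary_fpr = fields[-1] if len(fields) >= 10 else fields[0]
    return v


class ContinuityMonitor:
    """Trust-on-first-use over display names, as a list reader would see it."""

    def __init__(self) -> None:
        self.pinned: Dict[str, str] = {}

    def check(self, sender: str, status_lines: List[str]) -> str:
        v = parse_status(status_lines)
        if v.result is None:
            return "unsigned"
        if v.result == "BADSIG":
            # Says nothing about identity; usually the transport mangled the message.
            return "bad signature"
        if v.result == "NO_PUBKEY" or v.primary_fpr is None:
            return "key not in keyring"
        pinned = self.pinned.get(sender)
        if pinned is None:
            self.pinned[sender] = v.primary_fpr
            return "pinned"
        if pinned == v.primary_fpr:
            if v.result == "GOODSIG":
                return "continuity"
            # EXPKEYSIG only shows up for readers who refreshed their keyring
            # after the new expiry was pushed to the keyservers.
            return "continuity, key " + ("expired" if v.result == "EXPKEYSIG" else "revoked")
        if pinned[-8:] == v.primary_fpr[-8:]:
            return "different key, same short key ID"
        return "different key"


# Constructed sample traffic: sender display name and the status lines gpg
# produced when the reader verified that message.
SAMPLE_TRAFFIC: List[Tuple[str, List[str]]] = [
    ("Martin", status("GOODSIG", MARTIN_FPR)),
    ("Martin", status("GOODSIG", MARTIN_FPR)),
    ("Martin", status("GOODSIG", COLLIDER_FPR)),       # newcomer, colliding ID
    ("Martin", status("EXPKEYSIG", MARTIN_FPR) + ["[GNUPG:] KEYEXPIRED 1298900000"]),
    ("Martin", [f"[GNUPG:] BADSIG {MARTIN_FPR[-16:]} {UID}"]),
    ("Martin", []),                                    # sent from a phone, unsigned
    ("Martin", [f"[GNUPG:] NO_PUBKEY {COLLIDER_FPR[-16:]}"]),
]


def run_sample() -> List[str]:
    monitor = ContinuityMonitor()
    return [monitor.check(sender, lines) for sender, lines in SAMPLE_TRAFFIC]


if __name__ == "__main__":
    for (sender, _), verdict in zip(SAMPLE_TRAFFIC, run_sample()):
        print(f"{sender}: {verdict}")
```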
Re: PGP/MIME considered harmful for mobile
Hi

On Friday 25 February 2011 at 1:45:03 AM, in mid:87lj14x4yo@servo.finestructure.net, Jameson Rollins wrote:
> Yikes! I thought we were almost done killing inline signatures! Don't revive it now! If PGP/MIME is broken on android, we need to get them to fix it, not go backwards to inline pgp.

Using inline PGP signatures means using the simpler and more reliable of the two solutions. The fact that its specification was defined earlier does not mean using inline signatures is a step backwards; PGP/MIME is a complement to pgp inline, not a replacement.

--
Best regards

MFPA mailto:expires2...@ymail.com

Consistency is the last refuge of the unimaginative
Re: PGP/MIME considered harmful for mobile
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Why? Inline is simple and effective. I'm curious as to why you feel MIME is so much better.

- --Avi
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (MingW32) - GPGshell v3.77
Comment: Most recent key: Click show in box @ http://is.gd/4xJrs

iJgEAREKAEAFAk1psE85GGh0dHA6Ly9wZ3AubmljLmFkLmpwL3Brcy9sb29rdXA/
b3A9Z2V0JnNlYXJjaD0weEY4MEUyOUY5AAoJEA1isBn4Din5lgMA/AwKVfy+zUNF
fXBiFZ47w1AFMs8s5VNr6t8P7Jg6/H74AP9ju6yMftOZH3Ee5v7ZQfCnQ3OlkwuR
+fgcgWT+PCJuzA==
=HdOG
-----END PGP SIGNATURE-----

User:Avraham
pub 3072D/F80E29F9 1/30/2009 Avi (Wikimedia-related key) <avi.w...@gmail.com>
Primary key fingerprint: 167C 063F 7981 A1F6 71EC ABAA 0D62 B019 F80E 29F9

From: Martin Gollowitzer <go...@fsfe.org>
To: gnupg-users@gnupg.org
Date: Fri, 25 Feb 2011 19:56:21 +0100
Subject: Re: PGP/MIME considered harmful for mobile (Jameson Rollins)

* Avi <avi.w...@gmail.com> [110225 19:21]:
> For those of us who use webmail, inline signatures are rather useful.

There are webmail applications supporting PGP/MIME. If yours doesn't, it is not a good one. Inline signatures are not a good thing IMHO.

Martin
Re: PGP/MIME considered harmful for mobile
On Sat, 26 Feb 2011 21:02:08 -0500, Avi <avi.w...@gmail.com> wrote:
> Why? Inline is simple and effective. I'm curious as to why you feel
> MIME is so much better.

http://josefsson.org/inline-openpgp-considered-harmful.html

jamie.
Re: PGP/MIME considered harmful for mobile
On 27/02/11 1:24 PM, Jameson Rollins wrote:
> On Sat, 26 Feb 2011 21:02:08 -0500, Avi <avi.w...@gmail.com> wrote:
>> Why? Inline is simple and effective. I'm curious as to why you feel
>> MIME is so much better.
>
> http://josefsson.org/inline-openpgp-considered-harmful.html

Thanks for the link. I'd only add that in-line is fine for encrypting messages since all the data in-line signing may whinge about (e.g. some UTF-8 characters) would be safely tucked away inside the encrypted block.

Personally I only use in-line signing in a few places (or with a few correspondents) where I've got no choice.

Regards,
Ben
Re: PGP/MIME considered harmful for mobile
On 02/26/2011 18:53, Ben McGinnes wrote:
> On 27/02/11 1:24 PM, Jameson Rollins wrote:
>> On Sat, 26 Feb 2011 21:02:08 -0500, Avi <avi.w...@gmail.com> wrote:
>>> Why? Inline is simple and effective. I'm curious as to why you feel
>>> MIME is so much better.
>>
>> http://josefsson.org/inline-openpgp-considered-harmful.html
>
> Thanks for the link. I'd only add that in-line is fine for encrypting
> messages since all the data in-line signing may whinge about (e.g. some
> UTF-8 characters) would be safely tucked away inside the encrypted
> block.

If you look at the characteristics of the actual messages encrypted mail is very similar whether it's in-line or MIME. It's signed messages that make things interesting because the signature in a MIME message is actually (sort of) an attachment but also sort of not, which is why it confuses simple mail readers like Outlook Express.

Doug

-- 
Nothin' ever doesn't change, but nothin' changes much.
-- OK Go

Breadth of IT experience, and depth of knowledge in the DNS.
Yours for the right price. :) http://SupersetSolutions.com/
Re: PGP/MIME considered harmful for mobile
On 27/02/11 3:28 PM, Doug Barton wrote:
> If you look at the characteristics of the actual messages encrypted
> mail is very similar whether it's in-line or MIME.

Exactly, the encrypted output in both methods uses base-64 encoding.

> It's signed messages that make things interesting because the
> signature in a MIME message is actually (sort of) an attachment but
> also sort of not, which is why it confuses simple mail readers like
> Outlook Express.

Lots of things confuse Outlook Express. As for attachments, at first glance the body of a message appears to be an attachment to the headers, which leads to all sorts of fun with munged mbox format inboxes. Or it did when I last had to pay attention to such things.

Regards,
Ben
Re: PGP/MIME considered harmful for mobile
On 25/02/11 07:43, Robert J. Hansen wrote:
> On 2/24/11 10:15 PM, Daniel Kahn Gillmor wrote:
>> my colleague is using the application named email, version 2.2.2 on
>> a stock 2.2.1 motorola droid.
>
> My problem is reproducible on a stock Droid X running 2.2.something --
> just got off a very long flight, funeral in the morning: I'll dig the
> precise version number tomorrow.

Some Nokia phones also have issues. So for work-related email I use a company-provided cert and S/MIME for signing emails, while for my personal emails I use pgp.

Ludo
-- 
http://perso.hirlimann.net/~ludo/blog/
http://flickr.com/photos/lhirlimann
Re: PGP/MIME considered harmful for mobile
On 25.02.11 07:43, Robert J. Hansen wrote:
> On 2/24/11 10:15 PM, Daniel Kahn Gillmor wrote:
>> my colleague is using the application named email, version 2.2.2 on
>> a stock 2.2.1 motorola droid.
>
> My problem is reproducible on a stock Droid X running 2.2.something --
> just got off a very long flight, funeral in the morning: I'll dig the
> precise version number tomorrow.

The only mail client on Android I know of to handle OpenPGP messages is K9 (together with APG). But K9 only supports inline-PGP; PGP/MIME messages are not displayed.

-Patrick
Re: PGP/MIME considered harmful for mobile
* Patrick Brunschwig <patr...@mozilla-enigmail.org> [110225 10:10]:
> On 25.02.11 07:43, Robert J. Hansen wrote:
>> On 2/24/11 10:15 PM, Daniel Kahn Gillmor wrote:
>>> my colleague is using the application named email, version 2.2.2 on
>>> a stock 2.2.1 motorola droid.
>>
>> My problem is reproducible on a stock Droid X running 2.2.something --
>> just got off a very long flight, funeral in the morning: I'll dig the
>> precise version number tomorrow.
>
> The only mail client on Android I know of to handle OpenPGP messages is
> K9 (together with APG). But K9 only supports inline-PGP, PGP/MIME
> messages are not displayed.

This is true, but K9 at least does display the messages correctly. Despite that, PGP/MIME support is being worked on because it's considered better than inline PGP.

Martin
Re: PGP/MIME considered harmful for mobile
On 02/25/2011 12:11 PM, Martin Gollowitzer wrote:
> * Patrick Brunschwig <patr...@mozilla-enigmail.org> [110225 10:10]:
>> The only mail client on Android I know of to handle OpenPGP messages
>> is K9 (together with APG). But K9 only supports inline-PGP, PGP/MIME
>> messages are not displayed.
>
> This is true, but K9 at least does display the messages correctly.

These two statements seem to be in direct contradiction to each other. Is K-9 mail able to display the body of a text/plain PGP/MIME-signed message or not? If answers differ based on the version of K-9 mail, what versions support it?

I am *not* asking about validating signatures -- I'm just talking about being able to read the (unvalidated) message contents of PGP/MIME-signed messages.

I don't use K-9 mail, but i would appreciate some clarity so i know what to recommend to folks who ask me for recommendations.

> Despite that, PGP/MIME support is being worked on because it's
> considered better than inline PGP.

i'm glad to hear that. Thanks for working on it!

--dkg
Re: PGP/MIME considered harmful for mobile
* Robert J. Hansen <r...@sixdemonbag.org> [110225 07:47]:
>> There are good reasons to prefer a PGP/MIME and S/MIME signature
>> standards over inline PGP.
>
> And vice-versa. In inline's defense, it *works*, and PGP/MIME often
> doesn't.

Maybe one should think about *why* this is the case. Nevertheless, your statement is not true as such. PGP/MIME *does* work, but there are MUAs out there which can't cope with it.

Martin
Re: PGP/MIME considered harmful for mobile
On Feb 25, 2011, at 12:29 PM, Daniel Kahn Gillmor wrote:
> On 02/25/2011 12:11 PM, Martin Gollowitzer wrote:
>> * Patrick Brunschwig <patr...@mozilla-enigmail.org> [110225 10:10]:
>>> The only mail client on Android I know of to handle OpenPGP messages
>>> is K9 (together with APG). But K9 only supports inline-PGP, PGP/MIME
>>> messages are not displayed.
>>
>> This is true, but K9 at least does display the messages correctly.
>
> These two statements seem to be in direct contradiction to each other.
> Is K-9 mail able to display the body of a text/plain PGP/MIME-signed
> message or not? If answers differ based on the version of K-9 mail,
> what versions support it?
>
> I am *not* asking about validating signatures -- I'm just talking
> about being able to read the (unvalidated) message contents of
> PGP/MIME-signed messages.

This is a crucial point. I'm much more concerned that a mail client can display a PGP/MIME-signed message at all than I am about having support for message verification. Message verification is very useful, but if the mail client can't display the message at all, then it is not compliant with MIME, much less PGP/MIME.

David
Re: PGP/MIME considered harmful for mobile (Jameson Rollins)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

For those of us who use webmail, inline signatures are rather useful.

- --
Avi
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (MingW32) - GPGshell v3.77
Comment: Most recent key: Click show in box @ http://is.gd/4xJrs

iJgEAREKAEAFAk1n8lg5GGh0dHA6Ly9wZ3AubmljLmFkLmpwL3Brcy9sb29rdXA/
b3A9Z2V0JnNlYXJjaD0weEY4MEUyOUY5AAoJEA1isBn4Din59XYA/18e3tB5ojsl
lBpatsKCjKmUhXjusYXtsxv/zIcgQsbYAP9YAdU2WDym1JMXDd2tOV4/8ObwDlqu
5nkIM2o1PuKoZg==
=NAhh
-----END PGP SIGNATURE-----

User:Avraham
pub 3072D/F80E29F9 1/30/2009 Avi (Wikimedia-related key) <avi.w...@gmail.com>
Primary key fingerprint: 167C 063F 7981 A1F6 71EC ABAA 0D62 B019 F80E 29F9

-- Forwarded message --
From: Jameson Rollins <jroll...@finestructure.net>
To: Robert J. Hansen <r...@sixdemonbag.org>, gnupg-users@gnupg.org
Date: Thu, 24 Feb 2011 17:45:03 -0800
Subject: Re: PGP/MIME considered harmful for mobile

On Thu, 24 Feb 2011 20:22:03 -0500, Robert J. Hansen <r...@sixdemonbag.org> wrote:
> Just as an FYI to the list -- On Android's mail application, PGP/MIME
> attachments are nigh-unusable. It won't render even the plaintext
> portions: it has to be downloaded and opened with a text reader.
>
> If you're concerned about your mail being readable on a mobile device
> (which is increasingly important nowadays), you might want to consider
> switching to inline signatures.

Yikes! I thought we were almost done killing inline signatures! Don't revive it now!
Re: PGP/MIME considered harmful for mobile
* Daniel Kahn Gillmor <d...@fifthhorseman.net> [110225 18:31]:
> On 02/25/2011 12:11 PM, Martin Gollowitzer wrote:
>> * Patrick Brunschwig <patr...@mozilla-enigmail.org> [110225 10:10]:
>>> The only mail client on Android I know of to handle OpenPGP messages
>>> is K9 (together with APG). But K9 only supports inline-PGP, PGP/MIME
>>> messages are not displayed.
>>
>> This is true, but K9 at least does display the messages correctly.
>
> These two statements seem to be in direct contradiction to each other.

Sorry for the misunderstanding: The message body is being displayed, but the signature is not verified. K9 is the only e-mail client for Android that I consider usable.

All the best,
Martin
Re: PGP/MIME considered harmful for mobile (Jameson Rollins)
* Avi <avi.w...@gmail.com> [110225 19:21]:
> For those of us who use webmail, inline signatures are rather useful.

There are webmail applications supporting PGP/MIME. If yours doesn't, it is not a good one. Inline signatures are not a good thing IMHO.

Martin
Re: PGP/MIME considered harmful for mobile
On 02/25/2011 01:37 PM, Martin Gollowitzer wrote:
> Sorry for the misunderstanding: The message body is being displayed,
> but the signature is not verified. K9 is the only e-mail client for
> Android that I consider usable.

I just received corroboration of a successful read (albeit without signature verification) of a PGP/MIME-signed message from another colleague who is running K-9 Mail 3.318 on CyanogenMod 6.

Patrick, if there is a version of K-9 mail that you've seen that actually doesn't display a PGP/MIME-signed message, it would be good to know more details.

Regards,

--dkg
Re: PGP/MIME considered harmful for mobile (Jameson Rollins)
On 2/25/2011 12:56 PM, Martin Gollowitzer wrote:
> * Avi <avi.w...@gmail.com> [110225 19:21]:
>> For those of us who use webmail, inline signatures are rather useful.
>
> There are webmail applications supporting PGP/MIME. If yours doesn't,
> it is not a good one. Inline signatures are not a good thing IMHO.
>
> Martin

Inline has a nice backup option. You can copy and paste out of an email and still decode it. Haven't found a good replacement for MIME yet.
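Several messages in this thread turn on properties of the inline (cleartext) signature format: that it can be copied and pasted out of a mail client and still checked, that it is "simple and reliable", and that some data (trailing whitespace, certain UTF-8 characters) makes it "whinge". The following is an added example, not code from the thread or from any OpenPGP implementation. It handles the cleartext signature framework of RFC 4880 section 7 from the mail-handling side: pulling the signed text and the signature armor back out of a pasted message, producing the canonical bytes the signature actually covers, and reporting which common MUA edits leave those bytes intact. The sample text and signature armor are constructed placeholders, and no real signature is verified; the functions produce what a verifier would hand to the OpenPGP signature check.

```python
"""OpenPGP cleartext ("inline") signatures, RFC 4880 section 7, as seen by mail software.

Added example; not code from the thread or from GnuPG. Sample message and
signature armor are constructed placeholders; no real signature is checked.
"""
import hashlib
from typing import Dict, Tuple

BEGIN_SIGNED = "-----BEGIN PGP SIGNED MESSAGE-----"
BEGIN_SIG = "-----BEGIN PGP SIGNATURE-----"
END_SIG = "-----END PGP SIGNATURE-----"


def dash_escape(text: str) -> str:
    """Prefix lines starting with '-' (or 'From ') with '- ' (RFC 4880 7.1)."""
    return "\n".join("- " + ln if ln.startswith(("-", "From ")) else ln
                     for ln in text.split("\n"))


def frame_cleartext(text: str, signature_armor: str, hash_name: str = "SHA512") -> str:
    """Wrap already-signed text in the cleartext signature framework."""
    return "\n".join([BEGIN_SIGNED, f"Hash: {hash_name}", "", dash_escape(text),
                      signature_armor.rstrip("\n"), ""])


def parse_cleartext(message: str) -> Tuple[Dict[str, str], str, str]:
    """Return (armor headers, dash-unescaped signed text, signature armor)."""
    lines = message.replace("\r\n", "\n").split("\n")
    try:
        start = lines.index(BEGIN_SIGNED)
        sig_start = lines.index(BEGIN_SIG, start)
        sig_end = lines.index(END_SIG, sig_start)
    except ValueError as exc:
        raise ValueError("not a cleartext-signed message") from exc
    headers: Dict[str, str] = {}
    i = start + 1
    while lines[i] != "":            # armor headers end at the first blank line
        name, _, value = lines[i].partition(":")
        headers[name.strip()] = value.strip()
        i += 1
    body = [ln[2:] if ln.startswith("- ") else ln for ln in lines[i + 1:sig_start]]
    return headers, "\n".join(body), "\n".join(lines[sig_start:sig_end + 1])


def canonical_signed_bytes(text: str, encoding: str = "utf-8") -> bytes:
    """The bytes a cleartext signature covers: trailing spaces and tabs stripped
    from every line, CRLF line endings, and no line ending after the last line
    (the newline before BEGIN PGP SIGNATURE is not part of the signed text)."""
    lines = [ln.rstrip(" \t") for ln in text.replace("\r\n", "\n").split("\n")]
    return "\r\n".join(lines).encode(encoding)


def signed_digest(text: str, algo: str = "sha512", encoding: str = "utf-8") -> str:
    return hashlib.new(algo, canonical_signed_bytes(text, encoding)).hexdigest()


# Constructed sample: a short reply with a trailing-space line and a "-- "
# signature separator, which must be dash-escaped on the wire.
TEXT = "Inline signatures are simple, but the MUA must not touch a byte.   \n-- \nRegards,\nBen"
PLACEHOLDER_SIG = "\n".join([BEGIN_SIG, "", "(constructed placeholder, not a real signature)",
                             "=0000", END_SIG])
SAMPLE_MESSAGE = frame_cleartext(TEXT, PLACEHOLDER_SIG)


def transit_damage_report(text: str) -> Dict[str, bool]:
    """Which common MUA edits leave the signed bytes intact (True) and which break them."""
    reference = signed_digest(text)
    return {
        "trailing_whitespace_stripped": signed_digest(text.replace("byte.   ", "byte.")) == reference,
        "line_rewrapped": signed_digest(text.replace("but the MUA", "but\nthe MUA")) == reference,
        "quoted_on_reply": signed_digest("> " + text.replace("\n", "\n> ")) == reference,
        # A mail gateway re-encoding Klöcker from UTF-8 to Latin-1 changes the signed bytes.
        "charset_reencoded": signed_digest("Klöcker", encoding="utf-8")
                             == signed_digest("Klöcker", encoding="latin-1"),
    }


if __name__ == "__main__":
    hdrs, text, sig = parse_cleartext(SAMPLE_MESSAGE)
    print(hdrs, repr(canonical_signed_bytes(text)))
    for edit, survives in transit_damage_report(TEXT).items():
        print(f"{edit}: {'ok' if survives else 'signature breaks'}")
```

The canonicalisation in canonical_signed_bytes is what makes trailing whitespace harmless; everything else a mail path may do to the body (re-wrapping, quote prefixes, charset conversion, format=flowed) changes the hashed bytes, which is the failure mode the linked Josefsson article catalogues and the reason PGP/MIME keeps the signed part out of the MUA's editing reach.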
Re: PGP/MIME considered harmful for mobile
On 02/24/2011 11:43 PM, Robert J. Hansen wrote:
> My problem is reproducible on a stock Droid X running 2.2.something --
> just got off a very long flight, funeral in the morning: I'll dig the
> precise version number tomorrow.

So, I've been doing some triaging to see if I can reproduce this on other mail apps, and I'm coming up empty-handed. So far, I've tested the official Gmail app from Google, the K9 mail app, the builtin mail app on my HTC Evo and the builtin mail app on the LG Optimus S. In every case, a PGP/MIME mail displays the body of the text as it should. Sometimes, the cryptographic signature is viewable, sometimes not.

So, that brings up the question: what mail app are you using on your Droid X? We should definitely get a bug reported and get this worked on, so we don't have to digress back to using inline signatures.

-- 
. o . o . o . . o o . . . o . . . o . o o o . o . o o . . o o o o . o . . o o o o . o o o
PGP/MIME considered harmful for mobile
Just as an FYI to the list -- On Android's mail application, PGP/MIME attachments are nigh-unusable. It won't render even the plaintext portions: it has to be downloaded and opened with a text reader.

If you're concerned about your mail being readable on a mobile device (which is increasingly important nowadays), you might want to consider switching to inline signatures.
Re: PGP/MIME considered harmful for mobile
On 02/24/2011 08:22 PM, Robert J. Hansen wrote:
> On Android's mail application, PGP/MIME attachments are nigh-unusable.
> It won't render even the plaintext portions: it has to be downloaded
> and opened with a text reader.
>
> If you're concerned about your mail being readable on a mobile device
> (which is increasingly important nowadays), you might want to consider
> switching to inline signatures.

thanks for the heads-up, Robert. I'm assuming you're talking about PGP/MIME signed mail, not encrypted mail.

Has this been reported to wherever this mailreader tracks their bugs? if so, could you provide a link to the bug report? I'd like to follow the discussion.

Regards,

--dkg
Re: PGP/MIME considered harmful for mobile
On Thu, 24 Feb 2011 20:22:03 -0500, Robert J. Hansen <r...@sixdemonbag.org> wrote:
> Just as an FYI to the list -- On Android's mail application, PGP/MIME
> attachments are nigh-unusable. It won't render even the plaintext
> portions: it has to be downloaded and opened with a text reader.
>
> If you're concerned about your mail being readable on a mobile device
> (which is increasingly important nowadays), you might want to consider
> switching to inline signatures.

Yikes! I thought we were almost done killing inline signatures! Don't revive it now! If PGP/MIME is broken on android, we need to get them to fix it, not go backwards to inline pgp.

jamie.
Re: PGP/MIME considered harmful for mobile
On Thu, Feb 24, 2011 at 08:22:03PM -0500, Robert J. Hansen wrote:
> On Android's mail application, PGP/MIME attachments are nigh-unusable.
> It won't render even the plaintext portions: it has to be downloaded
> and opened with a text reader.
>
> If you're concerned about your mail being readable on a mobile device
> (which is increasingly important nowadays), you might want to consider
> switching to inline signatures.

I don't understand. I use PGP/MIME for all my signatures, and I've not had a problem reading the mail on my Evo, nor reading others' mail that uses PGP/MIME. I do see at the top of the interface that there is a View Attachments link, but the mail is still readable for me.

-- 
. o . o . o . . o o . . . o . . . o . o o o . o . o o . . o o o o . o . . o o o o . o o o
Re: PGP/MIME considered harmful for mobile
On 02/24/2011 08:22 PM, Robert J. Hansen wrote:
> On Android's mail application, PGP/MIME attachments are nigh-unusable.
> It won't render even the plaintext portions: it has to be downloaded
> and opened with a text reader.
>
> If you're concerned about your mail being readable on a mobile device
> (which is increasingly important nowadays), you might want to consider
> switching to inline signatures.

Hm. maybe i don't know what you mean here, but i just tried to verify this with a colleague, and i've come to a different conclusion.

I sent a simple text/plain e-mail wrapped in a PGP/MIME signature, generated by enigmail (like this one). that is, the message i sent is structured like this:

 └┬╴multipart/signed 2181 bytes
  ├╴text/plain 219 bytes
  └╴application/pgp-signature attachment [signature.asc] 1030 bytes

my colleague is using the application named email, version 2.2.2 on a stock 2.2.1 motorola droid. He wrote me back:

> The email shows fine, but when I try to view the attachment the email
> application says it cannot be displayed.

So, to be clear: PGP/MIME-signed plaintext mail did not cause any problems with rendering on android in my test. The basic e-mail application is unable to verify the signature, but i think we knew that already.

I do *not* consider PGP/MIME harmful for mobile.

Regards,

--dkg
Re: PGP/MIME considered harmful for mobile
On 02/25/2011 03:15 AM, Daniel Kahn Gillmor wrote:
> I do *not* consider PGP/MIME harmful for mobile.

They might not be harmful for ~your~ mobile...

Any mail with attachments is likely to be harmful for mobile. You just don't know what device and what program will be used to read your mail and most of those will have difficulty with attachments. If you must use signatures, please make them in-line!

Mark R.
Re: PGP/MIME considered harmful for mobile
On 02/24/2011 11:15 PM, M.R. wrote:
> On 02/25/2011 03:15 AM, Daniel Kahn Gillmor wrote:
>> I do *not* consider PGP/MIME harmful for mobile.
>
> They might not be harmful for ~your~ mobile...

heh. i don't have a mobile, so i can guarantee that :)

> Any mail with attachments is likely to be harmful for mobile. You just
> don't know what device and what program will be used to read your mail
> and most of those will have difficulty with attachments. If you must
> use signatures, please make them in-line!

There are good reasons to prefer a PGP/MIME and S/MIME signature standards over inline PGP. These standards have been around for a long time, and modern mail user agents should be able to cope by now, even if all they do is discard the multipart/signed wrapper and trailing signature parts.

It would be really useful to hear about specific MUAs that can't handle PGP/MIME-signed messages like this one, and to get clear descriptions of the failure modes. But without these kinds of specific reports, vague statements like "most of those will have difficulty" just sound like FUD to me.

Regards,

--dkg
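The multipart/signed structure shown earlier in the thread and the minimum behaviour asked of a mail client above (display the first part, treat the signature as an attachment) can both be made concrete. The following is an added example, not code from the thread, from Enigmail or from any mail client. It builds an RFC 3156 PGP/MIME signed message with Python's standard email package (text/plain first part, application/pgp-signature second part, protocol and micalg parameters on the container), then does the two things a mail reader needs: recover the exact bytes a verifier hashes (the first part including its headers, CRLF line endings, without the CRLF that RFC 2046 assigns to the following boundary), and fall back to displaying the first part when the client cannot verify, instead of showing an empty message with an attachment icon. The body text, addresses, boundary string and signature armor are constructed placeholders; the signature is not a real OpenPGP signature.

```python
"""PGP/MIME (RFC 3156) signed mail: building the container and reading it without OpenPGP support.

Added example; not code from the thread or from any mail client. Body text,
addresses, boundary and signature armor are constructed placeholders.
"""
import hashlib
from email import policy
from email.charset import QP, Charset
from email.message import EmailMessage
from email.mime.multipart import MIMEMultipart
from email.mime.nonmultipart import MIMENonMultipart
from email.mime.text import MIMEText
from email.parser import BytesParser
from typing import Tuple

BOUNDARY = "=-constructed-pgp-mime-boundary="   # fixed so the output is reproducible
PLACEHOLDER_SIG = "\n".join([
    "-----BEGIN PGP SIGNATURE-----", "",
    "(constructed placeholder, not a real signature)", "=0000",
    "-----END PGP SIGNATURE-----", ""])
SAMPLE_BODY = ("Signed PGP/MIME body (constructed).\n"
               "Non-ASCII such as Kl\u00f6cker survives because it is QP-encoded.\n")


def build_signed_message(body_text: str, signature_armor: str,
                         micalg: str = "pgp-sha512") -> MIMEMultipart:
    """Assemble the RFC 3156 multipart/signed container around body_text."""
    utf8_qp = Charset("utf-8")
    utf8_qp.body_encoding = QP       # RFC 3156: the signed part must be 7bit-safe
    body = MIMEText(body_text, "plain", utf8_qp)
    sig = MIMENonMultipart("application", "pgp-signature", name="signature.asc")
    sig["Content-Description"] = "OpenPGP digital signature"
    sig["Content-Disposition"] = 'attachment; filename="signature.asc"'
    sig.set_payload(signature_armor)
    outer = MIMEMultipart("signed", boundary=BOUNDARY,
                          protocol="application/pgp-signature", micalg=micalg)
    outer["From"] = "sender@example.org"
    outer["To"] = "list@example.org"
    outer["Subject"] = "PGP/MIME signed test"
    outer.attach(body)
    outer.attach(sig)
    return outer


def wire_bytes(msg) -> bytes:
    """Serialise with CRLF line endings, as the message travels over SMTP."""
    return msg.as_bytes(policy=policy.SMTP)


def raw_signed_part(wire: bytes, boundary: str) -> bytes:
    """Exact bytes covered by the signature: the first part including its
    headers. The CRLF in front of the next boundary belongs to the boundary
    (RFC 2046 5.1.1), so it is excluded."""
    delim = b"--" + boundary.encode("ascii")
    start = wire.index(delim + b"\r\n") + len(delim) + 2
    end = wire.index(b"\r\n" + delim, start)
    return wire[start:end]


def signed_part_digest(wire: bytes, boundary: str, algo: str = "sha512") -> str:
    return hashlib.new(algo, raw_signed_part(wire, boundary)).hexdigest()


def parse_wire(wire: bytes) -> EmailMessage:
    return BytesParser(policy=policy.default).parsebytes(wire)


def display_fallback(msg: EmailMessage) -> Tuple[str, str]:
    """What a MUA without OpenPGP support should do: check the container is
    well-formed, show the first part, keep the signature as an attachment."""
    if msg.get_content_type() != "multipart/signed":
        raise ValueError("not a multipart/signed message")
    parts = msg.get_payload()
    if len(parts) != 2 or parts[1].get_content_type() != msg.get_param("protocol"):
        raise ValueError("malformed multipart/signed: expected body + signature part")
    body, sig = parts
    if body.get_content_maintype() != "text":
        raise ValueError("first part is not text; render it as ordinary MIME instead")
    return body.get_content().replace("\r\n", "\n"), sig.get_content().decode("ascii")


if __name__ == "__main__":
    wire = wire_bytes(build_signed_message(SAMPLE_BODY, PLACEHOLDER_SIG))
    msg = parse_wire(wire)
    text, armor = display_fallback(msg)
    print(text)
    print("signature attachment:", armor.splitlines()[0])
    print("sha512 over signed part:", signed_part_digest(wire, msg.get_boundary())[:16], "...")
```

Two points worth noticing in the output: the signed part carries its own Content-Type and Content-Transfer-Encoding headers, so a verifier must be given the part as transmitted and not the decoded text, and display_fallback needs no OpenPGP code at all, which is why a client that shows only an attachment icon for such a message is failing at MIME, not at PGP/MIME.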
Re: PGP/MIME considered harmful for mobile
On 2/24/11 8:33 PM, Daniel Kahn Gillmor wrote:
> thanks for the heads-up, Robert. I'm assuming you're talking about
> PGP/MIME signed mail, not encrypted mail.

Correct.

> Has this been reported to wherever this mailreader tracks their bugs?
> if so, could you provide a link to the bug report? I'd like to follow
> the discussion.

No, since I didn't discover it until I was in the airport checking my email on my Droid X. Notably, I haven't been able to view your messages at all: all I get is an empty message and an icon showing attachments. I have to manually d/l the plain text portions, then open them in either HTMLviewer or QuickOffice.

If people doubt this, I'll be happy to show images.
Re: PGP/MIME considered harmful for mobile
On 2/24/11 10:15 PM, Daniel Kahn Gillmor wrote:
> my colleague is using the application named email, version 2.2.2 on
> a stock 2.2.1 motorola droid.

My problem is reproducible on a stock Droid X running 2.2.something -- just got off a very long flight, funeral in the morning: I'll dig the precise version number tomorrow.
Re: PGP/MIME considered harmful for mobile
On 2/25/11 12:37 AM, Daniel Kahn Gillmor wrote:
> There are good reasons to prefer a PGP/MIME and S/MIME signature
> standards over inline PGP.

And vice-versa. In inline's defense, it *works*, and PGP/MIME often doesn't.