Evolution and GPG signing?
mike cloaked
mike.cloaked at gmail.com
Tue Mar 23 21:14:50 UTC 2010
On Tue, Mar 23, 2010 at 9:05 PM, mike cloaked <mike.cloaked at gmail.com> wrote:
> On Tue, Mar 23, 2010 at 8:55 PM, mike cloaked <mike.cloaked at gmail.com> wrote:
>
>>>> does it make a difference if you are sending inline or PGP/MIME.
>>>
>
> Maybe that last point is the important one - in Thunderbird I have the
> option of sending PGP/mime - but I can't see how to do this in
> Evolution? Is there a switch I am missing because I did not look deep
> enough or is it that Evolution just can't do PGP/Mime??
I found a post at http://www.secure-my-email.com/clients_evolution.php
which says: "One thing I encoutered here is that Evolution (at least
my version, version 2.2.3) require the encrypted data to be RFC 1847
Encapsulated. It does not support the other method of both digitally
signing and encrypting as defined in RFC 3156. (RFC 1847 encapsulation
is described in chapter 6.1, the combined method is described in
chapter 6.2 for those interested).
My primary mail client, Mozilla Thunderbird, with Enigmail as an
extension to handle the security use the combined method by default
when sending a message using PGP/MIME. It will be able to properly
verify both methods."
I wonder if this is at the core of this issue?
I also saw a very old post at
http://www.mozdev.org/pipermail/enigmail/2003-November/000661.html
"> I am having trouble receiving signed+encrypted email from a
> person using Evolution, which supports only PGP/MIME. I read through RFC
> 3156, and, according to section 6, there are two ways to send
> signed+encrypted email. One (6.1) is to create a signature mime body
> from the text, encrypt the whole, and create an encrypted mime body from
> the result. This is what Evolution does. The other (6.2) is to
> encrypt+sign the text in one go, which is what Enigmail does. The
> problem is that Enigmail does not properly decode email sent in the
> format described in 6.1. It decrypts the message and displays the text,
> but does not verify the signature."
This seems to point to Thunderbird as being the problem in that maybe
a very old unresolved bug/feature is preventing correct signature
verification?
I would appreciate further input on this.
--
mike c
More information about the users
mailing list