Until tomorrow, I always sent signed emails to the FEDORA mailing list, where the signature was issued by the PKI of my computer center (german university). But some fedora list people told me that even very small emails always have a size of at least 8 kilobyte.
Therefore i switched to unsigned emails.
My question: are there rules for the fedora email traffic saying: do not use signatures?
Joachim Backes wrote:
Until tomorrow, I always sent signed emails to the FEDORA mailing list, where the signature was issued by the PKI of my computer center (german university). But some fedora list people told me that even very small emails always have a size of at least 8 kilobyte.
Therefore i switched to unsigned emails.
My question: are there rules for the fedora email traffic saying: do not use signatures?
No...there isn't.
But, people get bent out of shape because they view html emails as bandwidth wasters. So, by the same token they will (should) view signed emails as bandwidth wasters and will equally get bent out of shape.
On Tue, Oct 28, 2008 at 09:56:14PM +0800, Ed Greshko wrote:
Joachim Backes wrote:
Until tomorrow, I always sent signed emails to the FEDORA mailing list, where the signature was issued by the PKI of my computer center (german university). But some fedora list people told me that even very small emails always have a size of at least 8 kilobyte.
Therefore i switched to unsigned emails.
My question: are there rules for the fedora email traffic saying: do not use signatures?
No...there isn't.
But, people get bent out of shape because they view html emails as bandwidth wasters. So, by the same token they will (should) view signed emails as bandwidth wasters and will equally get bent out of shape.
I've read (probably in connection with TIN news postings) that sigs should have no more than 3 lines after the ---.
Dave Feustel wrote:
On Tue, Oct 28, 2008 at 09:56:14PM +0800, Ed Greshko wrote:
Joachim Backes wrote:
Until tomorrow, I always sent signed emails to the FEDORA mailing list, where the signature was issued by the PKI of my computer center (german university). But some fedora list people told me that even very small emails always have a size of at least 8 kilobyte.
Therefore i switched to unsigned emails.
My question: are there rules for the fedora email traffic saying: do not use signatures?
No...there isn't.
But, people get bent out of shape because they view html emails as bandwidth wasters. So, by the same token they will (should) view signed emails as bandwidth wasters and will equally get bent out of shape.
I've read (probably in connection with TIN news postings) that sigs should have no more than 3 lines after the ---.
I don't mean ascii signature lines, but emails which have been digitally signed by the mail client, for example thunderbird: there in the composer window, you can say: "security->digitally sign this message" before sending it (produces a big attachment containing the digital signature). This is what i meant.
Regards
Around 02:22pm on Tuesday, October 28, 2008 (UK time), Joachim Backes scrawled:
I don't mean ascii signature lines, but emails which have been digitally signed by the mail client, for example thunderbird: there in the composer window, you can say: "security->digitally sign this message" before sending it (produces a big attachment containing the digital signature). This is what i meant.
A big attachment? My gpg sifnatures are 0.2k - less than two lines of text.
Steve
On Tue, 2008-10-28 at 10:08 -0400, Dave Feustel wrote:
On Tue, Oct 28, 2008 at 09:56:14PM +0800, Ed Greshko wrote:
Joachim Backes wrote:
Until tomorrow, I always sent signed emails to the FEDORA mailing list, where the signature was issued by the PKI of my computer center (german university). But some fedora list people told me that even very small emails always have a size of at least 8 kilobyte.
Therefore i switched to unsigned emails.
My question: are there rules for the fedora email traffic saying: do not use signatures?
No...there isn't.
But, people get bent out of shape because they view html emails as bandwidth wasters. So, by the same token they will (should) view signed emails as bandwidth wasters and will equally get bent out of shape.
I've read (probably in connection with TIN news postings) that sigs should have no more than 3 lines after the ---.
1) That's old USENET Netiquette from days begone.
2) That's for the text signature (mine is 4 lines).
3) The 3 line limit is largely ignored now with high speed nets.
3) Does not relate to a crypto signature like PGP or S/MIME.
This message has both my text signature at the bottom and a PGP signature.
Signing all messages has value. It establishes a "preponderance of evidence" for the use of certain keys and signatures and establishes good practices.
As a secondary issue, if we only signed / encrypted important messages, that's a red letter warning to those doing "traffic analysis" that this was as message to be given "special attention and processing". Signing everything removes that significance for signed messages. It would be even better if we could encrypt everything as well, making even encrypted messages nothing out of the ordinary and increase the amount of effort required to filter significant messages out from insignificant messages.
-- fedora-list mailing list fedora-list@redhat.com To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
Mike
Joachim Backes wrote:
Until tomorrow, I always sent signed emails to the FEDORA mailing list, where the signature was issued by the PKI of my computer center (german university). But some fedora list people told me that even very small emails always have a size of at least 8 kilobyte.
Therefore i switched to unsigned emails.
My question: are there rules for the fedora email traffic saying: do not use signatures?
No. Proper use of PKI (such as GPG signatures) is worth a few bytes. Anyone who desperately cares about this can choose to receive mail in daily digest format, which saves far more in headers than would be consumed even if everyone on the list used GPG.
-- Chris
Joachim Backes wrote:
Until tomorrow, I always sent signed emails to the FEDORA mailing list, where the signature was issued by the PKI of my computer center (german university). But some fedora list people told me that even very small emails always have a size of at least 8 kilobyte.
Could you clarify this a bit - were they saying that signing the e-mail made it always at least 8k, or were they saying that even unsigned e-mail was also that big? I suspect that it was the later...
Therefore i switched to unsigned emails.
My question: are there rules for the fedora email traffic saying: do not use signatures?
Considering that with the headers included, a PGP signature adds about 10 lines of text. (Most of it headers.) This is a small amount of space, considering the problems a couple of faked e-mail can cause. I only want to be blamed for a flame war if I really started it!
If you are really concerned about the size of e-mails, a better place to start is with quoting. I see far too many e-mails where the entire thread is quoted, including the list signatures, just to add a "me too" or "+1" to the last comment in the thread. Or the entire log or config file listing is included in every reply to the original message. Trim it down to just the pertinent parts when replying - it not only cuts down on waisted bandwidth, but it makes it easier to see what you are talking about in the reply.
Mikkel
Ed Greshko wrote:
My question: are there rules for the fedora email traffic saying: do not use signatures?
No...there isn't.
But, people get bent out of shape because they view html emails as bandwidth wasters.
Actually, the issue with HTML email is that it violates RFCs /and/ wastes bandwidth. Signatures do neither.
Matt Flaschen
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Joachim Backes wrote: <snip>
My question: are there rules for the fedora email traffic saying: do not use signatures?
if there are, a whole lot of us are in violation.
check bottom of any post and you will see; Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines - --
tc,hago.
g .
in a free world without fences, who needs gates.
learn linux: 'Rute User's Tutorial and Exposition' http://rute.2038bug.com/index.html.gz 'The Linux Documentation Project' http://www.tldp.org/ 'HowtoForge' http://howtoforge.com/
On Tue, Oct 28, 2008 at 9:33 AM, Matthew Flaschen matthew.flaschen@gatech.edu wrote:
Ed Greshko wrote:
My question: are there rules for the fedora email traffic saying: do not use signatures?
No...there isn't.
But, people get bent out of shape because they view html emails as bandwidth wasters.
Actually, the issue with HTML email is that it violates RFCs /and/ wastes bandwidth. Signatures do neither.
Matt Flaschen
Long signatures, quotaton of the day, GPG, etc. add clutter. You can even omit your signature on this list. Clutter is clutter and does not add to information flow.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
g wrote:
Joachim Backes wrote:
<snip>
in addition,
from one of your old emails:
following header, hidden from view;
} This is a cryptographically signed message in MIME format. } } --===============0861191616== } Content-Type: multipart/signed; protocol="application/x-pkcs7-signature"; } micalg=sha1; boundary="------------ms020304010903010103040406"
following message, also hidden from view;
} This is a cryptographically signed message in MIME format. } } --------------ms020304010903010103040406 } Content-Type: application/x-pkcs7-signature; name="smime.p7s" } Content-Transfer-Encoding: base64 } Content-Disposition: attachment; filename="smime.p7s" } Content-Description: S/MIME Cryptographic Signature
from my email:
following header, viewable in body;
} -----BEGIN PGP SIGNED MESSAGE----- } Hash: SHA1
following message, viewable in body;
On Tue, 2008-10-28 at 12:05 -0400, Chris Snook wrote:
Joachim Backes wrote:
...
My question: are there rules for the fedora email traffic saying: do not use signatures?
No. Proper use of PKI (such as GPG signatures) is worth a few bytes. Anyone who desperately cares about this can choose to receive mail in daily digest format, which saves far more in headers than would be consumed even if everyone on the list used GPG.
-- Chris
... All nice and dandy, but it would have been nice if anyone would have been able to give me -one- solid reason why he/she needs to sign his/her messages - when they are being posted in a high-volume public ML. (Geek factor not included)
- Gilboa
some thing i should have done before sending last post.
clicking arrow beside 'openpgp', shows 'sign message' checked. clicking arrow beside 's/mime', shows 'do not encrypt this message' checked.
if you change these setting and shorten your key, you will should still conform to pki and have a shorter sig.
also, in thunderbird window, click 'openpgp', click 'about openpgp' and go from there.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Gilboa Davara wrote: <snip>
... All nice and dandy, but it would have been nice if anyone would have been able to give me -one- solid reason why he/she needs to sign his/her messages
how about because it is a requirement by his and many other colleges and universities thru out world. - --
tc,hago.
g .
in a free world without fences, who needs gates.
learn linux: 'Rute User's Tutorial and Exposition' http://rute.2038bug.com/index.html.gz 'The Linux Documentation Project' http://www.tldp.org/ 'HowtoForge' http://howtoforge.com/
On Tue, 28 Oct 2008 18:08:16 +0000 g geleem@bellsouth.net wrote:
how about because it is a requirement by his and many other colleges and universities thru out world.
Your answer can be paraphrased as "We require it because it's required."
Which begs the question.
On Tue, 2008-10-28 at 20:03 +0200, Gilboa Davara wrote:
On Tue, 2008-10-28 at 12:05 -0400, Chris Snook wrote:
Joachim Backes wrote:
...
My question: are there rules for the fedora email traffic saying: do not use signatures?
No. Proper use of PKI (such as GPG signatures) is worth a few bytes. Anyone who desperately cares about this can choose to receive mail in daily digest format, which saves far more in headers than would be consumed even if everyone on the list used GPG.
-- Chris
... All nice and dandy, but it would have been nice if anyone would have been able to give me -one- solid reason why he/she needs to sign his/her messages - when they are being posted in a high-volume public ML. (Geek factor not included)
Real simple. Always sign messages when ever and where ever possible. The exception should only be those cases where it is precluded for some reason.
As I stated in an earlier message, this has to do with traffic analysis as well as "preponderance of evidence" issues. That's two good reasons which have been well discussed in various cryptography forums and amongst security professionals for years. I remember having this debate in the PGP forums on USENET some 15 years ago. If you don't agree with it (and many still don't) that fine. I'm still signing and if someone can't handle that, it's their problem.
I would also point out one other important reason. Regressions. I've personally helped trouble shoot several significant problems in MTA's and filtering systems (MailScanner) when problems have cropped up where my signature didn't verify. Problems resolved down into corruptions in transports which then had to then be fixed.
- Gilboa
Mike
On Tue, 2008-10-28 at 18:08 +0000, g wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Gilboa Davara wrote:
<snip> > ... All nice and dandy, but it would have been nice if anyone would have > been able to give me -one- solid reason why he/she needs to sign his/her > messages
how about because it is a requirement by his and many other colleges and universities thru out world.
A. You can always decide to whether to sign a message or not - on a per-message basis. B. With so many free email services, noting forces you to use your primary email account to post ML messages.
E.g. My company has an annoying policy the requires all employees to use a huge HTML signature on all outgoing emails - hence, I always use my gmail account to post non-work-related-message.
- Gilboa
Gilboa Davara wrote:
... All nice and dandy, but it would have been nice if anyone would have been able to give me -one- solid reason why he/she needs to sign his/her messages - when they are being posted in a high-volume public ML. (Geek factor not included)
- Gilboa
Well, I have had messages send on more then one "high-volume public ML" that did not come from me, but looked like they did. I would have thought the contents of the message would have been enough to let people know it was not from me, but I was wrong. So I sign all my messages now. I can not "prove" that an unsigned message did not come from me, but I would hope an unsigned message posted to the list would cause people to take a closer look at it.
While it is not as necessary for me to keep up a positive reputation on the Internet as it used to be, I still do not want other people saying things in my name. But that may not be important to others on the list, or they have other ways to handle it...
Mikkel
On Tue, 2008-10-28 at 14:39 -0400, Michael H. Warfield wrote:
I would also point out one other important reason. Regressions. I've personally helped trouble shoot several significant problems in MTA's and filtering systems (MailScanner) when problems have cropped up where my signature didn't verify. Problems resolved down into corruptions in transports which then had to then be fixed.
I'm not claiming that PGP has no place in email messages. I'm questioning the value of PGP signed messages in ML messages...
As I stated in an earlier message, this has to do with traffic analysis as well as "preponderance of evidence" issues. That's two good reasons which have been well discussed in various cryptography forums and amongst security professionals for years. I remember having this debate in the PGP forums on USENET some 15 years ago. If you don't agree with it (and many still don't) that fine. I'm still signing and if someone can't handle that, it's their problem.
Preponderance of evidence? We are still talking about ML messages, right? I doubt that BigG will be sending his next Halloween message to Fedora-users ML... As for the -rude- "can't handle that, it's their problem" part, I assume that you'll silently accept the same behavior the next time someone drops a 15K HTML message with containing a picture of his pet in his signature. (Given that fact that your 8K message contains 1826 bytes of actual text...)
There's an old Jewish saying that - roughly translated (to English) - goes something like this: "Do not do the things that you hate the most to your friends."
I'd suggest you keep it mind.
- Gilboa
On Tue, 28 Oct 2008 13:49:36 -0500 "Mikkel L. Ellertson" mikkel@infinity-ltd.com wrote:
I can not "prove" that an unsigned message did not come from me, but I would hope an unsigned message posted to the list would cause people to take a closer look at it.
Wouldn't an examination of the message headers accomplish much the same thing? Assuming that the "imposter" isn't using the same mailserver as you are, of course.
On Tue, 2008-10-28 at 12:55 -0600, Frank Cox wrote:
On Tue, 28 Oct 2008 13:49:36 -0500 "Mikkel L. Ellertson" mikkel@infinity-ltd.com wrote:
I can not "prove" that an unsigned message did not come from me, but I would hope an unsigned message posted to the list would cause people to take a closer look at it.
Wouldn't an examination of the message headers accomplish much the same thing? Assuming that the "imposter" isn't using the same mailserver as you are, of course.
Headers can be forged and people do not check headers (they are not obvious). If you sign your messages, they know they came from you. If you are religious about it, they can trust that the others probably did NOT come from you.
-- MELVILLE THEATRE ~ Melville Sask ~ http://www.melvilletheatre.com DRY CLEANER BUSINESS FOR SALE ~ http://www.canadadrycleanerforsale.com
Mike
On Tue, 2008-10-28 at 17:39 +0000, g wrote:
my pgp signing is created from 8 characters and not in 'mime' format, which would be an additional waste of bandwidth.
What I saw was more than "8 characters", did you mean something else?
And it really should be MIME in this day and age, no more of this mystery parsing of the message to find all the bits.
Frank Cox wrote:
On Tue, 28 Oct 2008 13:49:36 -0500 "Mikkel L. Ellertson" mikkel@infinity-ltd.com wrote:
I can not "prove" that an unsigned message did not come from me, but I would hope an unsigned message posted to the list would cause people to take a closer look at it.
Wouldn't an examination of the message headers accomplish much the same thing? Assuming that the "imposter" isn't using the same mailserver as you are, of course.
It should. Unfortunately, too many people have a problem determining where the real headers end, and the fake headers begin. I have run into people that don't even look past the list server information to see where the list server received the message from... (All your messages came from <something>.redhat.com.) How these same people manages to get things set up to verify an e-mail signature is a mystery to me - maybe someone sets it up for them?
Mikkel
On Tue, Oct 28, 2008 at 20:03:52 +0200, Gilboa Davara gilboad@gmail.com wrote:
On Tue, 2008-10-28 at 12:05 -0400, Chris Snook wrote:
Joachim Backes wrote:
...
My question: are there rules for the fedora email traffic saying: do not use signatures?
No. Proper use of PKI (such as GPG signatures) is worth a few bytes. Anyone who desperately cares about this can choose to receive mail in daily digest format, which saves far more in headers than would be consumed even if everyone on the list used GPG.
-- Chris
... All nice and dandy, but it would have been nice if anyone would have been able to give me -one- solid reason why he/she needs to sign his/her messages - when they are being posted in a high-volume public ML. (Geek factor not included)
Non-repudiation.
On Tue, 28 Oct 2008 18:36:23 -0500 Gilboa Davara gilboad@gmail.com wrote:
Non-repudiation.
Which is still (more-or-less) addressed by headers.
On Tue, 2008-10-28 at 17:45 -0600, Frank Cox wrote:
On Tue, 28 Oct 2008 18:36:23 -0500 Gilboa Davara gilboad@gmail.com wrote:
Non-repudiation.
Which is still (more-or-less) addressed by headers.
Not.
Not at all.
Not even at first blush.
If they were, we could deal with spam a lot easier.
If they were, we wouldn't need SPF or Domain Keys, which nobody is implementing to any effective depth.
-- MELVILLE THEATRE ~ Melville Sask ~ http://www.melvilletheatre.com DRY CLEANER BUSINESS FOR SALE ~ http://www.canadadrycleanerforsale.com
Mike
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Tim wrote:
What I saw was more than "8 characters", did you mean something else?
as i said, '8'. when prompted for entry, i entered 8 characters.
And it really should be MIME in this day and age
mime is a waste. - --
tc,hago.
g .
in a free world without fences, who needs gates.
learn linux: 'Rute User's Tutorial and Exposition' http://rute.2038bug.com/index.html.gz 'The Linux Documentation Project' http://www.tldp.org/ 'HowtoForge' http://howtoforge.com/
On Wed, 29 Oct 2008 00:05:22 -0400 "Michael H. Warfield" mhw@WittsEnd.com wrote:
Which is still (more-or-less) addressed by headers.
Not.
Not at all.
Not even at first blush.
If they were, we could deal with spam a lot easier.
If they were, we wouldn't need SPF or Domain Keys, which nobody is implementing to any effective depth.
I think you're carrying the issue to a depth beyond what's actually under discussion.
If we were making business deals, creating legal agreements of some kind, then I agree that pgp signing and the like is probably a good idea.
But.
This is a technical mailing list, and a relatively high-volume one at that. I think there is a different level of, shall we say, vigilance required on a technical mailing list than there would be on some kind of a high-security operation.
The mailing list itself should absolutely be operated in a relatively secure manner to prevent spam and the like. But within the list itself, I don't think it's necessary to go to great lengths to provide a mechanism for non-repudiation. If someone posts something and it wasn't me, I'll tell you that it wasn't me if it's important and if someone asks. That doesn't require a digital signature.
On Tue, 2008-10-28 at 18:36 -0500, Gilboa Davara wrote:
On Tue, Oct 28, 2008 at 20:03:52 +0200, Gilboa Davara gilboad@gmail.com wrote:
On Tue, 2008-10-28 at 12:05 -0400, Chris Snook wrote:
Joachim Backes wrote:
...
My question: are there rules for the fedora email traffic saying: do not use signatures?
No. Proper use of PKI (such as GPG signatures) is worth a few bytes. Anyone who desperately cares about this can choose to receive mail in daily digest format, which saves far more in headers than would be consumed even if everyone on the list used GPG.
-- Chris
... All nice and dandy, but it would have been nice if anyone would have been able to give me -one- solid reason why he/she needs to sign his/her messages - when they are being posted in a high-volume public ML. (Geek factor not included)
Non-repudiation.
Yey. You managed to send a message that looks like it was sent by me. I'm shocked. ... We are talking about Fedora-users, not CVS-traffic@kernel.org...
- Gilboa
On Wed, Oct 29, 2008 at 04:07:12AM +0000, g wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Tim wrote:
What I saw was more than "8 characters", did you mean something else?
as i said, '8'. when prompted for entry, i entered 8 characters.
And it really should be MIME in this day and age
mime is a waste.
tc,hago.
I'm a newbie when it comes to mime and sending binary attachments.
What other mechanism is available to send binary data via email?
Thanks.
On Wed, 2008-10-29 at 07:53 -0400, Dave Feustel wrote:
On Wed, Oct 29, 2008 at 04:07:12AM +0000, g wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Tim wrote:
What I saw was more than "8 characters", did you mean something else?
as i said, '8'. when prompted for entry, i entered 8 characters.
And it really should be MIME in this day and age
mime is a waste.
tc,hago.
I'm a newbie when it comes to mime and sending binary attachments.
What other mechanism is available to send binary data via email?
Don't go there. In the olden days, when men were men, people used things like uuencode for this. MIME was invented to get us out of that. If you must send binary stuff by email, MIME is the only game in town.
poc
On Wed, Oct 29, 2008 at 07:53:46 -0400, Dave Feustel dfeustel@mindspring.com wrote:
I'm a newbie when it comes to mime and sending binary attachments.
What other mechanism is available to send binary data via email?
The uuencode/uudecode sort of protocol used to be used for this on usenet, but could be used in email. But really mime is better if you have to use email. You can also consider including just a link to the data on an http, ftp or other service. When sending to a list this is often the preferred method.
Tim:
What I saw was more than "8 characters", did you mean something else?
g:
as i said, '8'. when prompted for entry, i entered 8 characters.
Well, the sample you supplied was certainly more than 8 characters long. Prompted for entry into what?
And it really should be MIME in this day and age
mime is a waste.
No, not at all. With MIME you get information on content encoding and/or content type, identification of the different parts, etc. With other schemes you get random text you have to guess at. We've moved beyond the always-been-hopelessly-inadequate-from-the-start 7-bit text mail, years and years ago.
On Tue, 28 Oct 2008 14:17:37 +0100, Joachim Backes wrote: [...]
My question: are there rules for the fedora email traffic saying: do not use signatures?
I used to wish modern scholarship in the widest sense (Wissenschaft) could be anonymous; but I came to realize that the same assertion carries different weights, and maybe different connotations, according to who makes it.
That turns out especially true in a context like the present. For those of us who are not technoids nor were meant to be, there is very practical value in learning who speaks for Fedora, who is especially good at explaining things in simple terms, who has the patience to stick with a topic till we grasp it, etc.
Also, at least some newsreaders (for those of us whose electronic lives Gmane routinely saves) let you rearrange threads by poster -- a great convenience.
So I urge people to take some slight effort to put something reasonably distinguishable both in their From: fields and at the bottoms of their posts.
Beyond that deponent opineth not.
--- On Wed, 10/29/08, Beartooth Beartooth@swva.net wrote:
From: Beartooth Beartooth@swva.net Subject: Re: FEDORA net etiquette To: fedora-list@redhat.com Date: Wednesday, October 29, 2008, 9:15 PM On Tue, 28 Oct 2008 14:17:37 +0100, Joachim Backes wrote: [...]
My question: are there rules for the fedora email
traffic saying: do not
use signatures?
I used to wish modern scholarship in the widest sense (Wissenschaft) could be anonymous; but I came to realize that the same assertion carries different weights, and maybe different connotations, according to who makes it.
That turns out especially true in a context like the present. For those of us who are not technoids nor were meant to be, there is very practical value in learning who speaks for Fedora, who is especially good at explaining things in simple terms, who has the patience to stick with a topic till we grasp it, etc.
Also, at least some newsreaders (for those of us whose electronic lives Gmane routinely saves) let you rearrange threads by poster -- a great convenience.
So I urge people to take some slight effort to put something reasonably distinguishable both in their From: fields and at the bottoms of their posts.
Beyond that deponent opineth not.
--
In EE grad school, I had a prof with a PhD in geophysics from MIT.
In a course Adv EE math, I had to go to the chalk board and erase 50+% of his writings and correct!
He got stuck on the indicial shift in the method of Frobenius!
He was a great guy otherwise...we played tennis!
Maybe he could not think on his feet!
Science should be devoid of politics and politicians!
Who is like the hacker in "The Score" with Deniro and Norton?
Beartooth Staffwright, PhD, Neo-Redneck Linux Convert Remember I know precious little of what I am talking about.
-- fedora-list mailing list fedora-list@redhat.com To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
On Tue, 2008-10-28 at 12:33 -0400, Matthew Flaschen wrote:
Actually, the issue with HTML email is that it violates RFCs /and/ wastes bandwidth. Signatures do neither.
Matt Flaschen
Just out of interest, which RFC's?
Matthew Flaschen wrote:
Ed Greshko wrote:
My question: are there rules for the fedora email traffic saying: do not use signatures?
No...there isn't.
But, people get bent out of shape because they view html emails as bandwidth wasters.
Actually, the issue with HTML email is that it violates RFCs /and/ wastes bandwidth. Signatures do neither.
Unless you can explain why you think HTML email violates any RFC I'll have to respectfully disagree with your statement. As a matter of fact, there are several RFCs that deal specifically with HTML in much the same manner that there are RFCs that specifically deal with the varying forms of digital signatures.
Please note that there are different "implementations" (e.g. Thunderbird, Evolution, mutt, pine, sendmail, postfix, etc.) that follow various numbers of RFCs. Its true that, at times, the developers of these err in their interpretation or implementation of portions of RFCs. That is commonly referred to as a "bug".
Matt Flaschen
Simon Slater wrote:
On Tue, 2008-10-28 at 12:33 -0400, Matthew Flaschen wrote:
Actually, the issue with HTML email is that it violates RFCs /and/ wastes bandwidth. Signatures do neither.
Matt Flaschen
Just out of interest, which RFC's?
Yes, which RFCs does it violate? I know of none. The RFCs simply state how things are to be encoded and the like but they do NOT put restrictions on what the content of any email message (or its attachments) may be, which is one reason so damned many virii get distributed.
And no, signatures don't violate RFCs but, since they're not strictly part of the message they could be considered a bandwidth waste. If they aren't, why don't we put signatures on all of our SMS text messages on our cell phones? The cell providers would LOVE all that extra text! I hear "cha-CHING" ringing in their ears!
(I'd love to see Verizon take that stupid "Sent from my Verizon Wireless BlackBerry" crap off my emails from my CrackBerry...they even make ME pay for them, the jerks!) ---------------------------------------------------------------------- - Rick Stevens, Systems Engineer ricks@nerd.com - - AIM/Skype: therps2 ICQ: 22643734 Yahoo: origrps2 - - - - I.R.S.: We've got what it takes to take what you've got! - ----------------------------------------------------------------------
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Tim wrote:
Tim:
What I saw was more than "8 characters", did you mean something else?
g:
as i said, '8'. when prompted for entry, i entered 8 characters.
Well, the sample you supplied was certainly more than 8 characters long. Prompted for entry into what?
in originally set up for pgp signature, i used 8 characters. this is where i miss led you. these 8 produce a 40 character fingerprint.
in pgpsignature, 94 characters are produced with first 26 common.
mime is a waste.
No, not at all. With MIME you get information on content encoding and/or content type,
this i understand. where i believe it to be a waste is when a plain text file is attached and it is converted to mime.
also, a waste is to send a text message in 'base64'.
my apologies for not being more clear. sometimes i tend to be 'terse' when i should elaborate. and yes, my first use of unix was on teletype printer. also, my typing is slower than my thinking, and i tend to leave out when catching up. - --
tc,hago.
g .
in a free world without fences, who needs gates.
learn linux: 'Rute User's Tutorial and Exposition' http://rute.2038bug.com/index.html.gz 'The Linux Documentation Project' http://www.tldp.org/ 'LDP HOWTO-index' http://www.tldp.org/HOWTO/HOWTO-INDEX/index.html 'HowtoForge' http://howtoforge.com/
g wrote:
this i understand. where i believe it to be a waste is when a plain text file is attached and it is converted to mime.
Well, if you want it attached and not just a part of the main body of text you *have* to use MIME: MIME is what enables attachments in Internet e-mail.
also, a waste is to send a text message in 'base64'.
Depends. I’d argue that what is *really* a waste is that most mail clients have to encode 8 bit e-mails with quoted-printable or base64, for reliability reasons¹.
Base64 can actually lead to smaller e-mails than quoted-printable when the underlying text message is not in a Latin-based alphabet (think Far Eastern, Greek or Russian).
James.
¹ There are still a very few places that can’t handle 8 bit e-mail, and rather more e-mail servers that can’t transcode 8 bit messages into some 7 bit encoding when they relay to a traditional SMTP (not ESMTP) server.
On Thu, 2008-10-30 at 20:37 +0000, James Wilkinson wrote:
There are still a very few places that can’t handle 8 bit e-mail, and rather more e-mail servers that can’t transcode 8 bit messages into some 7 bit encoding when they relay to a traditional SMTP (not ESMTP) server.
Or do so, and make a right mess of the results.
g:
mime is a waste.
Tim:
No, not at all. With MIME you get information on content encoding and/or content type,
g:
this i understand. where i believe it to be a waste is when a plain text file is attached and it is converted to mime.
Nine times out of ten, there is no "conversion". If the text can be represented in the same encoding scheme as the message, the attachment just has a descriptive header (2 to 4 lines of text), and the content is the same text. If the text can't be used directly, then it's encoded in something like base64, with a MIME header, and both parts are *essential* to error-free transmission and reception. It's not converted to MIME, that's just the meta information *about* the content.
also, a waste is to send a text message in 'base64'.
There are so many things which cannot transmit 8-bit clean, still (such as any text with accent marks in it, or symbols). So some form of encoding is *necessary* for content that cannot be sent as 7-bit-only, natively.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
James Wilkinson wrote: <snip> you use mutt. can mutt not send 'text/plain' in 8 bit?
Depends. Iââ¬â¢d argue that what is *really* a waste is that most mail clients have to encode 8 bit e-mails with quoted-printable or base64, for reliability reasonsù.
Base64 can actually lead to smaller e-mails than quoted-printable when
and again, you are missing point that i have been trying to get across. see 'my point' below.
Tim wrote:
Nine times out of ten, there is no "conversion". If the text can be represented in the same encoding scheme as the message,
There are so many things which cannot transmit 8-bit clean, still (such as any text with accent marks in it, or symbols).
still missing it.
'my point' is this;
*subject: fedora net etiquette*
this is 'fedora-list'. it is not intercourse between business, people writing in a 'non english language', or commercial advertisements.
it is a *tech support list* with people speaking in one common language as best as some are able to. [no degradation intended]
there is no need for accent marks, special characters or symbols. yet posters continue to do so.
the 'guidelines' state, in general terms, 'plain text'. for some reason there are posters who continue to send 'mime', 'quoted' and 'base64' instead of 'text/plain 8-bit'.
i am not talking about attachments of 'graphic', 'binary' or any other type of attachments that need be sent as base64.
and because they do, they come up with ever excuse they can to justify their doing so. why?
if i and many others can set up our mail clients for 'text/plain' 8-bit, why not rest of posters.
my only reasoning is that they do not care to bother to and to hell with who does not like.
'tniop ym'. - --
tc,hago.
g .
in a free world without fences, who needs gates.
learn linux: 'Rute User's Tutorial and Exposition' http://rute.2038bug.com/index.html.gz 'The Linux Documentation Project' http://www.tldp.org/ 'LDP HOWTO-index' http://www.tldp.org/HOWTO/HOWTO-INDEX/index.html 'HowtoForge' http://howtoforge.com/
g wrote:
the 'guidelines' state, in general terms, 'plain text'. for some reason there are posters who continue to send 'mime', 'quoted' and 'base64' instead of 'text/plain 8-bit'.
i am not talking about attachments of 'graphic', 'binary' or any other type of attachments that need be sent as base64.
and because they do, they come up with ever excuse they can to justify their doing so. why?
if i and many others can set up our mail clients for 'text/plain' 8-bit, why not rest of posters.
my only reasoning is that they do not care to bother to and to hell with who does not like.
FWIW, you messages come in "mime" so I'm not sure if your are lambasting yourself also or simply unaware of that fact or what it means.
You send in:
MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit
And you seem to complain, maybe I snipped too much, about people using accent marks, special characters or symbols which is perfectly acceptable and even desirable when I want to ask "why doesn't konsole display 耜 properly)?".
Also, BTW, what is so gosh darn awful about base64 or quoted-printable? The modern day User-Agents deal with it quite well.
And let's not forget that most of the people on this list *don't* exclusively post to this list. Therefore their email clients are not configured to "fedora standards". While is quite easy to configure most UA's to send HTML or not based on the recipient the MIME settings are quite a different matter.
There are still people in small areas of the world, China comes to mind, where their default character set is something other than UTF8 or ISO-8859-1 and where, due to necessity, their clients send in base64.
I suppose you are suggesting that these people make changes to their clients each and every time they send to the Fedora list....or maybe that these people sign up for gmail accounts so as to properly conform to what some people's narrow view of correctness is?
BTW, what is your definition of "plain text"? To my lovely wife sitting right next to me..謝謝 is quite plain.
I suspect that those people that you characterize as not caring and to hell with others are thinking....why is that person so intolerant? I thought this was a community.
On Fri, Oct 31, 2008 at 04:11:16 +0000, g geleem@bellsouth.net wrote:
you use mutt. can mutt not send 'text/plain' in 8 bit?
smtp isn't 8 bit clean. So even text/plain may need to be encoded if it uses stuff out of the normal ascii set.
g wrote:
you use mutt. can mutt not send 'text/plain' in 8 bit?
It does, and did. It looks as though somewhere en-route my last e-mail got recoded a couple of times, though.
Incidentally, 8 bit without MIME is meaningless: you need the MIME headers to (reliably) make any sense of the non-ASCII values. ASCII (US-ASCII in the standards) is merely 7 bit.
*subject: fedora net etiquette*
this is 'fedora-list'. it is not intercourse between business, people writing in a 'non english language', or commercial advertisements.
it is a *tech support list* with people speaking in one common language as best as some are able to. [no degradation intended]
there is no need for accent marks, special characters or symbols. yet posters continue to do so.
1. Red Hat Linux 8.0 adopted UTF-8 as a default for most locales. As far as I am aware, all Fedora mail clients support UTF-8, and most other modern e-mail clients do¹. So why not make use of it?
2. As has been pointed out, not all names can be properly spelt in ASCII, and there are other reasons for using symbols outside raw ASCII.
the 'guidelines' state, in general terms, 'plain text'. for some reason there are posters who continue to send 'mime', 'quoted' and 'base64' instead of 'text/plain 8-bit'.
text/plain is a MIME term. Quoted-printable and base64 are valid encodings of text/plain: according to the relevant standards, being quoted-printable or base64 doesn’t stop an e-mail being text/plain.
This guideline is aimed against text/HTML.
if i and many others can set up our mail clients for 'text/plain' 8-bit, why not rest of posters.
my only reasoning is that they do not care to bother to and to hell with who does not like.
You may care to take a look at RFCs 2045 to 2049, the RFCs defining MIME.
Hope this helps,
James.
¹ In my opinion, all modern e-mail clients support UTF-8. If it doesn’t support UTF-8, I won’t call it modern.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
"Community assistance, encouragement, and advice for using F"Community assistance, encouragement, and advice for using F"Community assistance, encouragement, and advice for using F"Community assistance, encouragement, and advice for using FJames Wilkinson wrote:
g wrote:
you use mutt. can mutt not send 'text/plain' in 8 bit?
It does, and did. It looks as though somewhere en-route my last e-mail got recoded a couple of times, though.
gander at copy from your header as i see;
+++ MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline In-Reply-To: 490A8564.4020701@bellsouth.net User-Agent: Mutt/1.5.18 (2008-05-17) X-SA: 0 X-RedHat-Spam-Score: 0 X-Scanned-By: MIMEDefang 2.58 on 172.16.52.254 X-Scanned-By: MIMEDefang 2.63 on 172.16.48.32 Content-Transfer-Encoding: 8bit X-MIME-Autoconverted: from quoted-printable to 8bit by listman.util.phx.redhat.com id m9VMGHad022594 +++
Incidentally,
<snip> ** no need going into this part now, as i think/hope ** you will see more of what i am getting at below.
- Red Hat Linux 8.0 adopted UTF-8 as a default for most locales. As far as I am aware, all Fedora mail clients support UTF-8, and most other modern e-mail clients do¹. So why not make use of it?
<snip>
the 'guidelines' state, in general terms, 'plain text'. for some reason there are posters who continue to send 'mime', 'quoted' and 'base64' instead of 'text/plain 8-bit'.
text/plain is a MIME term. Quoted-printable and base64 are valid encodings of text/plain: according to the relevant standards, being quoted-printable or base64 doesn’t stop an e-mail being text/plain.
to clear things a bit, i hope, in my second line above your reply, *mime* should not have been quoted, as my dislike is primarily with 'quoted' and 'base64'. still, i do not care for mime.
'quoted' will substitute an equal sign plus a 2 byte hex code, from ascii table for special characters, ie, *=3d* for 'equal sign' and *=20* for a 'space' if at end of a line. this to me is 'illogical'. as is rest of this use for what is *standard ascii*.
now, in your message and in your "1." above, 3rd line is, -> do¹ <-. which, viewed in hexeditor, after 'do' is c3 82 c2 b9 and equates to - -> 't <- and using 4 bytes to represent 2 bytes of *standard ascii*.
in your reply, line just before my reply, is -> doesn’t <-. which, viewed in hexeditor, after 'doesn' is c3 a2 e2 82 ac e2 84 a2 and equates to -> 't <- and using 8 bytes to represent 2 bytes of *standard ascii*.
where in again i say, and continue to say _mime_is_a_waste_. no matter how you look at it, using 12 bytes to represent 4 bytes is 8 bytes waste.
**note** i still have not gone thru all the trouble of setting thunderbird to be fully *mime compliant* and i see actually special coding. [waste ;o)]
This guideline is aimed against text/HTML.
and should include 'quoted' and 'base64'...
You may care to take a look at RFCs 2045 to 2049, the RFCs defining MIME.
i read them years back when mime came out, and a few months back, i skimmed thru them. because you bring them up again, i will go back and read in entire. plus a couple others that are still in my bookmarks.
later. i need to grab a bite of food and put in some more 'barn time'. - --
tc,hago.
g .
in a free world without fences, who needs gates.
learn linux: 'Rute User's Tutorial and Exposition' http://rute.2038bug.com/index.html.gz 'The Linux Documentation Project' http://www.tldp.org/ 'LDP HOWTO-index' http://www.tldp.org/HOWTO/HOWTO-INDEX/index.html 'HowtoForge' http://howtoforge.com/
On Fri, 2008-10-31 at 04:11 +0000, g wrote:
it is a *tech support list* with people speaking in one common language as best as some are able to. [no degradation intended]
there is no need for accent marks, special characters or symbols. yet posters continue to do so.
All I can say is that you're a racist ignoramus. People who have accents in their names are not going to anglicise their names to please you, likewise with people who've names that don't use English characters, at all, and words that have accents as a proper part of their name, or anything else beyond ASCII (which has ALWAYS been hopelessly inadequate for anything other than basic grade school language).
As far as etiquette goes, you're taking the cake for blasting it away to be a rude pig.
You also seem to have a general misunderstanding about what plain text means, not to mention the technicalities of email. Content-type text/plain just means text, it doesn't disallow MIME headers, nor content-type-encoding, such as base 64. They're different things, again, and still part of plain text content.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Tim wrote: <snip>
have a nice day. - --
tc,hago.
g .
in a free world without fences, who needs gates.
learn linux: 'Rute User's Tutorial and Exposition' http://rute.2038bug.com/index.html.gz 'The Linux Documentation Project' http://www.tldp.org/ 'LDP HOWTO-index' http://www.tldp.org/HOWTO/HOWTO-INDEX/index.html 'HowtoForge' http://howtoforge.com/
-
Beartooth -
Bruno Wolff III -
Chris Snook -
Dave Feustel -
Ed Greshko -
Frank Cox -
Fred Silsbee -
g -
Gilboa Davara -
James Wilkinson -
Joachim Backes -
Kam Leo -
Matthew Flaschen -
Michael H. Warfield -
Mikkel -
Patrick O'Callaghan -
Rick Stevens -
Simon Slater -
Steve Searle -
Tim