[Announce] Multiple Messages Problem in GnuPG and GPGME
Alan Batie
alan at batie.org
Tue Mar 6 19:11:49 CET 2007
Werner Koch wrote:
> The correct way to use gpg with redirection is
> by taking care of the status interface:
>
> $ gpg --status-fd 1 <forged.gpg
> [GNUPG:] PLAINTEXT 62 1172479053 foobar.txt
> [GNUPG:] PLAINTEXT_LENGTH 36
> This is my sneaky plaintext message
> [GNUPG:] PLAINTEXT 62 1172480224 original-signed-message
> [GNUPG:] PLAINTEXT_LENGTH 86
> Either I'm dead or my watch has stopped.
> -- Groucho Marx's last words
> gpg: Signature made Mon Feb 26 09:57:04 2007 CET using DSA key ID 68697734
> [GNUPG:] SIG_ID UncMPBJYgbG/uszJVNKoCAz+hvY 2007-02-26 1172480224
> [GNUPG:] GOODSIG 2D727CC768697734 Alfa Test (demo key) <alfa at example.net>
> gpg: Good signature from "Alfa Test (demo key) <alfa at example.net>"
> [...]
>
> Here the PLAINTEXT status lines clearly identify the start of a new
> message.
"clearly"? Only to a gnupg developer would this be "clearly". Granted,
for the most part, the only people using pgp probably can interpret
this, but if you ever want non-techies to have any hope of using it,
this needs major improvement. And I suspect even most technical people
would prefer something more readable... How about:
$ gpg < forged.gpg
[GNUPG SEGMENT 1:] foobar.txt
---
This is my sneaky plaintext message
---
[GNUPG STATUS 1:] UNTRUSTED (unsigned, possibly forged)
===
[GNUPG SEGMENT 2:] original-signed-message
---
Either I'm dead or my watch has stopped.
-- Groucho Marx's last words
---
[GNUPG SIG INFO 2:] Signature made Mon Feb 26 09:57:04 2007 CET using
DSA key ID 68697734
[GNUPG STATUS 2:] Good signature from "Alfa Test (demo key)
<alfa at example.net>"
Still parseable (which I assume is the reason for the crypticness), but
readable as well.
And for the developers who want more machine readable info:
$ gpg -v < forged.gpg
[GNUPG SEGMENT 1:] foobar.txt
[GNUPG DATA 1:] PLAINTEXT 62 1172479053 36 foobar.txt
---
This is my sneaky plaintext message
---
[GNUPG STATUS 1:] UNTRUSTED (unsigned, possibly forged)
===
[GNUPG SEGMENT 2:] original-signed-message
---
Either I'm dead or my watch has stopped.
-- Groucho Marx's last words
---
[GNUPG SIG INFO 2:] Signature made Mon Feb 26 09:57:04 2007 CET using
DSA key ID 68697734
[GNUPG SIG_ID 2:] UncMPBJYgbG/uszJVNKoCAz+hvY 2007-02-26 1172480224
[GNUPG DATA 2:] GOODSIG 2D727CC768697734 Alfa Test (demo key)
<alfa at example.net>
[GNUPG STATUS 2:] Good signature from "Alfa Test (demo key)
<alfa at example.net>"
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3263 bytes
Desc: S/MIME Cryptographic Signature
Url : /pipermail/attachments/20070306/c8acab47/attachment.bin
More information about the Gnupg-devel
mailing list