Virus-checking software flagging GNUpg signatures?
Simon Josefsson
jas@extundo.com
Fri Jan 18 00:08:02 2002
Werner Koch <wk@gnupg.org> writes:
> On Thu, 17 Jan 2002 04:22:31 -0800, George Schoelles said:
>
>> If you could name the attached signature it might help. Most
>> Windows users would be rightfully weary of "Attachment: 1".
>> Else, do a plain text signature for easy, unquestionable
>> viewing.
>
> Great, the IETF steps back from working protocols to fix the
> buggy software of one vendor. I can image a lot of other
> protocols we should then change. Eventually RFC 1149 [1] will
> be used as the only allowed transport protocol.
Another "practical" problem with PGP/MIME is that MIME headers is
sometimes changed in transit or by mail servers which breaks the
signature. The "Outlook plugin" approach to PGP and MIME works
better in the real world, I'm sorry to say. (That approach being
to encode the message with text/plain, application/pdf etc MIME
tags and then simply replace each MIME part body with PGP blobs.)