Save signature in mail headers
Werner Koch
wk at gnupg.org
Sun Aug 7 14:58:07 CEST 2005
On Fri, 05 Aug 2005 23:43:00 +0200, David Srbecky said:
> I would like to sign all my mail, but I do not want to annoy people that
> have incompatible e-mail clients with extra attachment file or signature
> in the text of the message.
There are at least three reasons against this:
1. It is hard to get these header signatures right. That newly
prposed DKIM has almost immediatly been broken due to design
problems in white space processing.
2. You can't stream the data. The header of a mail is comes before
the signature has been calculated. One of the things OpenPGP fixed
(compared to PGP 2) is that it allows to stream data of arbitary
length. No need for temporary files.
3. It is not needed MIME (S/MIME or PGP/MIME) are established and well
matured protocols. IF you want to sign the actual headers of a
message, simply encapsulate the entire message into an rfc822
container and you are done.
Salam-Shalom,
Werner
More information about the Gnupg-users
mailing list