Are gpg signatures considered attachments?
Thorsten Haude
linux at thorstenhau.de
Sun Dec 25 21:40:57 CET 2005
Hi,
* Chris wrote (2005-12-25 20:29):
>On Sunday 25 December 2005 11:54 am, Thorsten Haude wrote:
>> * Chris wrote (2005-12-25 17:22):
>> >I know that is probably a lame question, however, I'm on several mailing
>> >lists that are bouncing my messages back to me because they are signed.
>> > The list owners are telling me this is because they don't allow
>> > attachments.
>>
>> Mutt adds a 'Content-Disposition: inline' to the MIME part containing
>> the signature. This seems to work, I don't remember any bouncing
>> mails. (Pipermail has a problem with signed attachments though.)
>
>Thanks Thorsten. It was pointed out to me that my signatures had been added
>as attachments which was causing the bounces. When I changed to 'inline'
>the problem went away. Kmail however shows 'Inline OpenPGP (deprecated)'
>not exactly why it shows that, but its the option I'm now using.
No, you misunderstood me. The way you sign your mails now is indeed
deprecated, I don't use it and I don't recommend it.
I use PGP/MIME signatures, which Mutt tags as inline MIME elements
following RFC 2183:
- - - Schnipp - - -
2.1 The Inline Disposition Type
A bodypart should be marked `inline' if it is intended to be
displayed automatically upon display of the message. Inline
bodyparts should be presented in the order in which they occur,
subject to the normal semantics of multipart messages.
- - - Schnapp - - -
So a smart mail handler (eg. a mailing list software) that does not
know about PGP/MIME can at least gracefully fall back.
KMail does not set this field for the signature (it does for the mail
text), so this is a KMail bug. I'm not sure how receiving MUAs are
expected to cope with a non-existing Content-Disposition field, but
there is a hint in the RFC: "Unrecognized disposition types should be
treated as `attachment'."
Here is a rough outline of the MIME headers of our mails:
- - - Schnipp - - -
KMail, signed mail (ie. wrapper around mail text + signature):
Content-Type: multipart/signed;
boundary="nextPart2829039.id6uN21AOM";
protocol="application/pgp-signature";
micalg=pgp-sha1
Content-Transfer-Encoding: 7bit
KMail, mail text:
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
Content-Disposition: inline
KMail, signature:
Content-Type: application/pgp-signature
- - - Schnapp - - -
- - - Schnipp - - -
Mutt, signed mail:
Content-Type: multipart/signed;
boundary="CXFpZVxO6m2Ol4tQ"
protocol="application/pgp-signature";
micalg=pgp-sha1;
Content-Disposition: inline
Mutt, mail text:
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: quoted-printable
Content-Disposition: inline
Mutt, signature:
Content-Type: application/pgp-signature
Content-Disposition: inline
- - - Schnapp - - -
So the only difference is KMail's redundant Content-Transfer-Encoding
(which is 7bit by default anyway) and Mutt's Content-Disposition.
In conclusion, use whatever works for you, but please try to get the
KMail guys to add the Content-Disposition field by filing a bug with
them (they may regard it as a feature request).
Thorsten
--
Unix is not an 'A-ha!' experience, it is more of a 'Holy shit!' experience.
- Colin McFadyen
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : /pipermail/attachments/20051225/18f492d4/attachment.pgp
More information about the Gnupg-users
mailing list