* What method do *you* use for signing Usenet posts? @ 2003-01-19 17:26 Kirk Strauser 2003-01-19 18:12 ` Josh Huber 2003-01-19 20:03 ` Vasily Korytov 0 siblings, 2 replies; 22+ messages in thread From: Kirk Strauser @ 2003-01-19 17:26 UTC (permalink / raw) [-- Attachment #1: Type: text/plain, Size: 1008 bytes --] I've recently switched to Oort and PGG and have started signing all outgoing messages. I hadn't realized that people in some Usenet groups were going to get seriously upset at my usage of PGP/MIME signatures ("Ack! You're sending us viruses!"). Now, I have every intention of continuing to sign my mail and postings, but need some advice. What method of signing should I use? I see three problems: 1) Some people freak out when they see attachments (silly Outlook Express users. :) ). 2) Some mailers and newsreaders freak out when they see attachments ("Hey, I know, I'll just display a blank message!"). 3) Some people freak out when they see plaintext signatures inserted at the end of an email message ("Your computer must be broken because I couldn't read that last part of your email."). Has anyone found a way to peacefully co-exist with people who get upset when they see something they don't understand? -- Kirk Strauser In Googlis non est, ergo non est. [-- Attachment #2: Type: application/pgp-signature, Size: 188 bytes --] ^ permalink raw reply [flat|nested] 22+ messages in thread
* Re: What method do *you* use for signing Usenet posts? 2003-01-19 17:26 What method do *you* use for signing Usenet posts? Kirk Strauser @ 2003-01-19 18:12 ` Josh Huber 2003-01-19 18:34 ` Kirk Strauser 2003-01-19 20:03 ` Vasily Korytov 1 sibling, 1 reply; 22+ messages in thread From: Josh Huber @ 2003-01-19 18:12 UTC (permalink / raw) Kirk Strauser <kirk@strauser.com> writes: > Has anyone found a way to peacefully co-exist with people who get > upset when they see something they don't understand? Really, if that's the goal, the only answer is to not sign your usenet postings... :) -- Josh Huber ^ permalink raw reply [flat|nested] 22+ messages in thread
* Re: What method do *you* use for signing Usenet posts? 2003-01-19 18:12 ` Josh Huber @ 2003-01-19 18:34 ` Kirk Strauser 0 siblings, 0 replies; 22+ messages in thread From: Kirk Strauser @ 2003-01-19 18:34 UTC (permalink / raw) [-- Attachment #1: Type: text/plain, Size: 502 bytes --] At 2003-01-19T18:12:46Z, Josh Huber <huber@alum.wpi.edu> writes: > Really, if that's the goal, the only answer is to not sign your usenet > postings... :) Well, I'd really prefer to avoid that method. It's kind of the principal of the thing: why should I be less interested in protecting my identity on Usenet than on mailing lists? (note: I *did* see the smiley :) ). Alternatively, is there a FAQ I can point complainers toward? -- Kirk Strauser In Googlis non est, ergo non est. [-- Attachment #2: Type: application/pgp-signature, Size: 188 bytes --] ^ permalink raw reply [flat|nested] 22+ messages in thread
* Re: What method do *you* use for signing Usenet posts? 2003-01-19 17:26 What method do *you* use for signing Usenet posts? Kirk Strauser 2003-01-19 18:12 ` Josh Huber @ 2003-01-19 20:03 ` Vasily Korytov 2003-01-19 21:19 ` Xavier MAILLARD 2003-01-19 22:18 ` Kirk Strauser 1 sibling, 2 replies; 22+ messages in thread From: Vasily Korytov @ 2003-01-19 20:03 UTC (permalink / raw) Cc: ding [-- Attachment #1: Type: text/plain, Size: 643 bytes --] >>>>> "KS" == Kirk Strauser writes: KS> 2) Some mailers and newsreaders freak out when they see attachments KS> ("Hey, I know, I'll just display a blank message!"). Correct, some Usenet readers are not MIME-compatible. Personally I try not to use MIME on Usenet. If you want PGP in Usenet, better use the RFC1991-compatible version. KS> 3) Some people freak out when they see plaintext signatures KS> inserted at the end of an email message ("Your computer must be KS> broken because I couldn't read that last part of your email."). You can safely tell them: RTFM. And/or get a better newsreader. =)) ---Vas [-- Attachment #2: Type: application/pgp-signature, Size: 188 bytes --] ^ permalink raw reply [flat|nested] 22+ messages in thread
* Re: What method do *you* use for signing Usenet posts? 2003-01-19 20:03 ` Vasily Korytov @ 2003-01-19 21:19 ` Xavier MAILLARD 2003-01-19 22:18 ` Kirk Strauser 1 sibling, 0 replies; 22+ messages in thread From: Xavier MAILLARD @ 2003-01-19 21:19 UTC (permalink / raw) Cc: Kirk Strauser, ding [-- Attachment #1: Type: text/plain, Size: 850 bytes --] On Sun, 19 Jan 2003, Vasily Korytov uttered the following: > >>>>> "KS" == Kirk Strauser writes: > > KS> 2) Some mailers and newsreaders freak out when they see > KS> attachments ("Hey, I know, I'll just display a blank > KS> message!"). > > Correct, some Usenet readers are not MIME-compatible. Personally I > try not to use MIME on Usenet. If you want PGP in Usenet, better use > the RFC1991-compatible version. Yup > KS> 3) Some people freak out when they see plaintext signatures > KS> inserted at the end of an email message ("Your computer must > KS> be broken because I couldn't read that last part of your > KS> email."). > > You can safely tell them: RTFM. And/or get a better newsreader. =)) Argh ! You have preceded me :) It is exactly what I would have said ;-) zeDek [-- Attachment #2: Type: application/pgp-signature, Size: 188 bytes --] ^ permalink raw reply [flat|nested] 22+ messages in thread
* Re: What method do *you* use for signing Usenet posts? 2003-01-19 20:03 ` Vasily Korytov 2003-01-19 21:19 ` Xavier MAILLARD @ 2003-01-19 22:18 ` Kirk Strauser 2003-01-19 23:02 ` Simon Josefsson 2003-01-19 23:19 ` Vasily Korytov 1 sibling, 2 replies; 22+ messages in thread From: Kirk Strauser @ 2003-01-19 22:18 UTC (permalink / raw) [-- Attachment #1: Type: text/plain, Size: 567 bytes --] At 2003-01-19T20:03:49Z, deskpot@myrealbox.com (Vasily Korytov) writes: > Correct, some Usenet readers are not MIME-compatible. Personally I try not > to use MIME on Usenet. If you want PGP in Usenet, better use the > RFC1991-compatible version. Gotcha. I don't know my way around PGG well enough yet to know how to do so. Can it do this? > You can safely tell them: RTFM. And/or get a better newsreader. =)) Yeah, that did a *lot* to settle the flames I was receiving, let me tell ya. ;-) -- Kirk Strauser In Googlis non est, ergo non est. [-- Attachment #2: Type: application/pgp-signature, Size: 188 bytes --] ^ permalink raw reply [flat|nested] 22+ messages in thread
* Re: What method do *you* use for signing Usenet posts? 2003-01-19 22:18 ` Kirk Strauser @ 2003-01-19 23:02 ` Simon Josefsson 2003-01-19 23:19 ` Vasily Korytov 1 sibling, 0 replies; 22+ messages in thread From: Simon Josefsson @ 2003-01-19 23:02 UTC (permalink / raw) Cc: ding Kirk Strauser <kirk@strauser.com> writes: > At 2003-01-19T20:03:49Z, deskpot@myrealbox.com (Vasily Korytov) writes: > >> Correct, some Usenet readers are not MIME-compatible. Personally I try not >> to use MIME on Usenet. If you want PGP in Usenet, better use the >> RFC1991-compatible version. > > Gotcha. I don't know my way around PGG well enough yet to know how to do > so. Can it do this? Yup. Click on "PGP Sign" instead of "PGP/MIME Sign", or use "pgp" instead of "pgpmime" in the MML tags. ^ permalink raw reply [flat|nested] 22+ messages in thread
* Re: What method do *you* use for signing Usenet posts? 2003-01-19 22:18 ` Kirk Strauser 2003-01-19 23:02 ` Simon Josefsson @ 2003-01-19 23:19 ` Vasily Korytov 2003-01-19 23:30 ` Andreas Fuchs 1 sibling, 1 reply; 22+ messages in thread From: Vasily Korytov @ 2003-01-19 23:19 UTC (permalink / raw) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 >>>>> "KS" == Kirk Strauser writes: KS> At 2003-01-19T20:03:49Z, deskpot@myrealbox.com (Vasily Korytov) writes: >> Correct, some Usenet readers are not MIME-compatible. Personally I try not >> to use MIME on Usenet. If you want PGP in Usenet, better use the >> RFC1991-compatible version. KS> Gotcha. I don't know my way around PGG well enough yet to know how to do KS> so. Can it do this? Surely. But PGG setup has nothing to do with it. Just remove `mime' from the tag to sign the message (i.e. <#secure method=pgpmime mode=sign>). You can see the result in this message -- I use Oort from CVS and gpg.el (PGG should work as well). >> You can safely tell them: RTFM. And/or get a better newsreader. =)) KS> Yeah, that did a *lot* to settle the flames I was receiving, let me tell KS> ya. ;-) Well, of course, the arguments differ greatly because of opponents. The above is what I think -- and in every newsgroup or maillist, that has something serious to do with computers, I would say the same. Maybe, with the date of RFC1991 published too. If the target auditorium does not want knowing anything, of course, it would be such as: ``Don't worry and simply ignore that chunk. Frankly, it's the digital signature (if you want, you can read more at <http://www.pgpi.net/>[2] and <http://www.gnupg.org/>).[1]'' Note, that this expression does not blame anyone -- when dealing with people, knowing nothing, about subject, it may be the key moment. If they feel interested, they may go to the URLs above, if they're still intrestedm they will be asking: ``How do I manage having those cool digital signatures?'' And it's the maximum, you can reach. [1] It may be a good idea to include the short alike explanation in the signature, used for such newsgroups. [2] I'm not sure, if I've misspelt the URL, and, unfortunately, can't check it at the moment. - ---Vas -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQE+KzJ5oPg1JPzYGEERAqD/AJ9O1fbj+l+nI8fen5cMm7UrBq4PUwCfdy6H uCxRo0bb3WYm8OnvgpI9WlQ= =BfIB -----END PGP SIGNATURE----- ^ permalink raw reply [flat|nested] 22+ messages in thread
* Re: What method do *you* use for signing Usenet posts? 2003-01-19 23:19 ` Vasily Korytov @ 2003-01-19 23:30 ` Andreas Fuchs 2003-01-19 23:43 ` Josh Huber ` (2 more replies) 0 siblings, 3 replies; 22+ messages in thread From: Andreas Fuchs @ 2003-01-19 23:30 UTC (permalink / raw) Today, Vasily Korytov <deskpot@myrealbox.com> wrote: >>>>>> "KS" == Kirk Strauser writes: > KS> Gotcha. I don't know my way around PGG well enough yet to know > KS> how to do so. Can it do this? > > Surely. But PGG setup has nothing to do with it. Just remove `mime' > from the tag to sign the message (i.e. <#secure method=pgpmime > mode=sign>). You can see the result in this message -- I use Oort from > CVS and gpg.el (PGG should work as well). I wonder - why does the user have to decide such things? Would it not make more sense to just specify the method and let gnus itself figure out whether it should use mime or not (i.e. if there is a mime part, use detached signatures, if not, use plain pgp)? -- Andreas Fuchs, <asf@acm.org>, asf@jabber.at, antifuchs ^ permalink raw reply [flat|nested] 22+ messages in thread
* Re: What method do *you* use for signing Usenet posts? 2003-01-19 23:30 ` Andreas Fuchs @ 2003-01-19 23:43 ` Josh Huber 2003-01-20 7:45 ` Andreas Fuchs 2003-01-19 23:45 ` Vasily Korytov 2003-01-20 10:25 ` Simon Josefsson 2 siblings, 1 reply; 22+ messages in thread From: Josh Huber @ 2003-01-19 23:43 UTC (permalink / raw) Andreas Fuchs <asf@void.at> writes: > I wonder - why does the user have to decide such things? Would it > not make more sense to just specify the method and let gnus itself > figure out whether it should use mime or not (i.e. if there is a > mime part, use detached signatures, if not, use plain pgp)? I really like this idea. Way back in the day (okay, only about a year ago, I think... :), I put in some logic which scans though the message and decides whether or not to automatically insert a multipart signed tag, or a part signed tag. Prior to that, if you selected "sign" or "encrypt" it would only get the first part in the case of a multi-part message. This could be quite bad, and almost certainly was not what the user was expecting to happen. We could have some other tag, such as "pgpauto", which selected plain PGP when there were no other attachments, but used pgp/mime if there were. The problem which arises from this (IMHO) is one of keybindings. What do we use? I already don't like the fact that there are separate keybindings for pgp and pgp/mime -- personally, I think there should be one keyboard interface for signing/encrypting, and there should be another variable which selects what style those commands use. -- Josh Huber ^ permalink raw reply [flat|nested] 22+ messages in thread
* Re: What method do *you* use for signing Usenet posts? 2003-01-19 23:43 ` Josh Huber @ 2003-01-20 7:45 ` Andreas Fuchs 2003-01-21 6:07 ` Lars Magne Ingebrigtsen 0 siblings, 1 reply; 22+ messages in thread From: Andreas Fuchs @ 2003-01-20 7:45 UTC (permalink / raw) [-- Attachment #1.1: Type: text/plain, Size: 411 bytes --] On 2003-01-19, Josh Huber <huber@alum.wpi.edu> wrote: > We could have some other tag, such as "pgpauto", which selected plain > PGP when there were no other attachments, but used pgp/mime if there > were. Did just that (and this message is a test of the function as well (-:). Use `M-x mml-secure-message-sign-pgpauto' to sign messages; gnus should figure the rest out by itseld. Here is the patch: [-- Warning: decoded text below may be mangled, UTF-8 assumed --] [-- Attachment #1.2: mml-auto-signing.diff --] [-- Type: text/x-patch, Size: 3379 bytes --] Index: lisp/mml-sec.el =================================================================== RCS file: /usr/local/cvsroot/gnus/lisp/mml-sec.el,v retrieving revision 1.18 diff -c -u -r1.18 mml-sec.el --- lisp/mml-sec.el 2002/10/09 23:29:53 1.18 +++ lisp/mml-sec.el 2003/01/20 07:36:58 @@ -31,6 +31,7 @@ (defvar mml-sign-alist '(("smime" mml-smime-sign-buffer mml-smime-sign-query) ("pgp" mml-pgp-sign-buffer list) + ("pgpauto" mml-pgpauto-sign-buffer list) ("pgpmime" mml-pgpmime-sign-buffer list)) "Alist of MIME signer functions.") @@ -40,6 +41,7 @@ (defvar mml-encrypt-alist '(("smime" mml-smime-encrypt-buffer mml-smime-encrypt-query) ("pgp" mml-pgp-encrypt-buffer list) + ("pgpauto" mml-pgpauto-sign-buffer list) ("pgpmime" mml-pgpmime-encrypt-buffer list)) "Alist of MIME encryption functions.") @@ -49,6 +51,7 @@ (defcustom mml-signencrypt-style-alist '(("smime" separate) ("pgp" separate) + ("pgpauto" separate) ("pgpmime" separate)) "Alist specifying if `signencrypt' results in two separate operations or not. The first entry indicates the MML security type, valid entries include @@ -118,6 +121,20 @@ (or (mml2015-encrypt cont sign) (error "Encryption failed... inspect message logs for errors"))) +(defun mml-pgpauto-sign-buffer (cont) + (message-goto-body) + (or (if (re-search-backward "Content-Type: *multipart/.*" nil t) ; there must be a better way... + (mml2015-sign cont) + (mml1991-sign cont)) + (error "Encryption failed... inspect message logs for errors"))) + +(defun mml-pgpauto-encrypt-buffer (cont &optional sign) + (message-goto-body) + (or (if (re-search-backward "Content-Type: *multipart/.*" nil t) ; there must be a better way... + (mml2015-encrypt cont sign) + (mml1991-encrypt cont sign)) + (error "Encryption failed... inspect message logs for errors"))) + (defun mml-secure-part (method &optional sign) (save-excursion (let ((tags (funcall (nth 2 (assoc method (if sign mml-sign-alist @@ -148,6 +165,11 @@ (interactive) (mml-secure-part "pgp" 'sign)) +(defun mml-secure-sign-pgp () + "Add MML tags to PGP-auto sign this MML part." + (interactive) + (mml-secure-part "pgpauto" 'sign)) + (defun mml-secure-sign-pgpmime () "Add MML tags to PGP/MIME sign this MML part." (interactive) @@ -214,6 +236,11 @@ (interactive) (mml-secure-message "pgpmime" 'sign)) +(defun mml-secure-message-sign-pgpauto () + "Add MML tag to encrypt/sign the entire message." + (interactive) + (mml-secure-message "pgpauto" 'sign)) + (defun mml-secure-message-encrypt-smime (&optional dontsign) "Add MML tag to encrypt and sign the entire message. If called with a prefix argument, only encrypt (do NOT sign)." @@ -231,5 +258,11 @@ If called with a prefix argument, only encrypt (do NOT sign)." (interactive "P") (mml-secure-message "pgpmime" (if dontsign 'encrypt 'signencrypt))) + +(defun mml-secure-message-encrypt-pgpmime (&optional dontsign) + "Add MML tag to encrypt and sign the entire message. +If called with a prefix argument, only encrypt (do NOT sign)." + (interactive "P") + (mml-secure-message "pgpauto" (if dontsign 'encrypt 'signencrypt))) (provide 'mml-sec) [-- Attachment #1.3: Type: text/plain, Size: 79 bytes --] Happy hacking, -- Andreas Fuchs, <asf@acm.org>, asf@jabber.at, antifuchs [-- Attachment #2: Type: application/pgp-signature, Size: 188 bytes --] ^ permalink raw reply [flat|nested] 22+ messages in thread
* Re: What method do *you* use for signing Usenet posts? 2003-01-20 7:45 ` Andreas Fuchs @ 2003-01-21 6:07 ` Lars Magne Ingebrigtsen 2003-01-21 8:46 ` Xavier MAILLARD 2003-01-21 9:31 ` Andreas Fuchs 0 siblings, 2 replies; 22+ messages in thread From: Lars Magne Ingebrigtsen @ 2003-01-21 6:07 UTC (permalink / raw) Andreas Fuchs <asf@void.at> writes: > Did just that (and this message is a test of the function as well > (-:). Use `M-x mml-secure-message-sign-pgpauto' to sign messages; gnus > should figure the rest out by itseld. > > Here is the patch: Looks nice. Nobody has sent me the list of copyright assignments yet (hint, hint :-), so I have to ask: Do you have FSF copyright assignments on file? -- (domestic pets only, the antidote for overdose, milk.) larsi@gnus.org * Lars Magne Ingebrigtsen ^ permalink raw reply [flat|nested] 22+ messages in thread
* Re: What method do *you* use for signing Usenet posts? 2003-01-21 6:07 ` Lars Magne Ingebrigtsen @ 2003-01-21 8:46 ` Xavier MAILLARD 2003-01-21 10:03 ` Lars Magne Ingebrigtsen 2003-01-21 9:31 ` Andreas Fuchs 1 sibling, 1 reply; 22+ messages in thread From: Xavier MAILLARD @ 2003-01-21 8:46 UTC (permalink / raw) [-- Attachment #1: Type: text/plain, Size: 505 bytes --] Andreas Fuchs <asf@void.at> writes: >> Did just that (and this message is a test of the function as well >> (-:). Use `M-x mml-secure-message-sign-pgpauto' to sign messages; gnus >> should figure the rest out by itseld. >> >> Here is the patch: >Looks nice. >Nobody has sent me the list of copyright assignments yet (hint, hint :-), >so I have to ask: Do you have FSF copyright assignments on file? Hum what are these copyrights ?? larsi@gnus.org * Lars Magne Ingebrigtsen zeDek [-- Attachment #2: Type: application/pgp-signature, Size: 188 bytes --] ^ permalink raw reply [flat|nested] 22+ messages in thread
* Re: What method do *you* use for signing Usenet posts? 2003-01-21 8:46 ` Xavier MAILLARD @ 2003-01-21 10:03 ` Lars Magne Ingebrigtsen 0 siblings, 0 replies; 22+ messages in thread From: Lars Magne Ingebrigtsen @ 2003-01-21 10:03 UTC (permalink / raw) Xavier MAILLARD <zedek@gnu-rox.org> writes: > Hum what are these copyrights ?? The FSF requires that all code in Emacs be assigned to the FSF. -- (domestic pets only, the antidote for overdose, milk.) larsi@gnus.org * Lars Magne Ingebrigtsen ^ permalink raw reply [flat|nested] 22+ messages in thread
* Re: What method do *you* use for signing Usenet posts? 2003-01-21 6:07 ` Lars Magne Ingebrigtsen 2003-01-21 8:46 ` Xavier MAILLARD @ 2003-01-21 9:31 ` Andreas Fuchs 2003-01-21 9:48 ` Andreas Fuchs 2003-01-21 10:05 ` Lars Magne Ingebrigtsen 1 sibling, 2 replies; 22+ messages in thread From: Andreas Fuchs @ 2003-01-21 9:31 UTC (permalink / raw) Today, Lars Magne Ingebrigtsen <larsi@gnus.org> wrote: > Andreas Fuchs <asf@void.at> writes: > Looks nice. > > Nobody has sent me the list of copyright assignments yet (hint, hint > :-), so I have to ask: Do you have FSF copyright assignments on file? I've signed papers for changes to Gnus. I think we should be fine (-: -- Andreas Fuchs, <asf@acm.org>, asf@jabber.at, antifuchs ^ permalink raw reply [flat|nested] 22+ messages in thread
* Re: What method do *you* use for signing Usenet posts? 2003-01-21 9:31 ` Andreas Fuchs @ 2003-01-21 9:48 ` Andreas Fuchs 2003-01-21 10:05 ` Lars Magne Ingebrigtsen 1 sibling, 0 replies; 22+ messages in thread From: Andreas Fuchs @ 2003-01-21 9:48 UTC (permalink / raw) Today, Andreas Fuchs <asf@void.at> wrote: >> Nobody has sent me the list of copyright assignments yet (hint, hint >> :-), so I have to ask: Do you have FSF copyright assignments on file? > > I've signed papers for changes to Gnus. I think we should be fine (-: Uh, make that "past and future" changes (: -- Andreas Fuchs, <asf@acm.org>, asf@jabber.at, antifuchs ^ permalink raw reply [flat|nested] 22+ messages in thread
* Re: What method do *you* use for signing Usenet posts? 2003-01-21 9:31 ` Andreas Fuchs 2003-01-21 9:48 ` Andreas Fuchs @ 2003-01-21 10:05 ` Lars Magne Ingebrigtsen 1 sibling, 0 replies; 22+ messages in thread From: Lars Magne Ingebrigtsen @ 2003-01-21 10:05 UTC (permalink / raw) Andreas Fuchs <asf@void.at> writes: > I've signed papers for changes to Gnus. I think we should be fine (-: Thanks; I've now applied the patch. -- (domestic pets only, the antidote for overdose, milk.) larsi@gnus.org * Lars Magne Ingebrigtsen ^ permalink raw reply [flat|nested] 22+ messages in thread
* Re: What method do *you* use for signing Usenet posts? 2003-01-19 23:30 ` Andreas Fuchs 2003-01-19 23:43 ` Josh Huber @ 2003-01-19 23:45 ` Vasily Korytov 2003-01-20 0:29 ` Andreas Fuchs 2003-01-20 10:25 ` Simon Josefsson 2 siblings, 1 reply; 22+ messages in thread From: Vasily Korytov @ 2003-01-19 23:45 UTC (permalink / raw) [-- Attachment #1: Type: text/plain, Size: 1127 bytes --] >>>>> "asf" == Andreas Fuchs writes: asf> Today, Vasily Korytov <deskpot@myrealbox.com> wrote: >> Surely. But PGG setup has nothing to do with it. Just remove `mime' >> from the tag to sign the message (i.e. <#secure method=pgpmime >> mode=sign>). You can see the result in this message -- I use Oort from >> CVS and gpg.el (PGG should work as well). asf> I wonder - why does the user have to decide such things? Would it not asf> make more sense to just specify the method and let gnus itself figure asf> out whether it should use mime or not (i.e. if there is a mime part, use asf> detached signatures, if not, use plain pgp)? IMHO, the user _has_ to decide it. For example, I prefer PGP/MIME for mail, but when I use PGP for Usenet (I usually don't, but that's another story), I want RFC1991 PGP. I can prefer having PGP/MIME for one recipient, and old style PGP for another. It may be really useful, so why eliminating this option (why removing options anyway -- it's the Outlook way, we all know, in what it results)? BTW, the behaviour, you want, can be made through hooks. ---Vas [-- Attachment #2: Type: application/pgp-signature, Size: 188 bytes --] ^ permalink raw reply [flat|nested] 22+ messages in thread
* Re: What method do *you* use for signing Usenet posts? 2003-01-19 23:45 ` Vasily Korytov @ 2003-01-20 0:29 ` Andreas Fuchs 2003-01-20 0:49 ` Vasily Korytov 0 siblings, 1 reply; 22+ messages in thread From: Andreas Fuchs @ 2003-01-20 0:29 UTC (permalink / raw) Today, Vasily Korytov <deskpot@myrealbox.com> wrote: > asf> I wonder - why does the user have to decide such things? Would > asf> it not make more sense to just specify the method and let gnus > asf> itself figure out whether it should use mime or not (i.e. if > asf> there is a mime part, use detached signatures, if not, use plain > asf> pgp)? > > IMHO, the user _has_ to decide it. For example, I prefer PGP/MIME for > mail, but when I use PGP for Usenet (I usually don't, but that's > another story), I want RFC1991 PGP. > > I can prefer having PGP/MIME for one recipient, and old style PGP for > another. IMHO, there is no way to prefer one over the other: If there are mime parts in the message, it should be signed as a multipart, and if there is no mime part in it, gnus should not put one in, for size and compatibility considerations. > It may be really useful, so why eliminating this option (why removing > options anyway -- it's the Outlook way, we all know, in what it > results)? I don't intend to rename a common option, I only suggested that the <secure> code be made to work as expected - secure a message and ensure that most receipients (even outlook users, stupid email gateways which don't grok mime) can read and decode it. > BTW, the behaviour, you want, can be made through hooks. Absolutely. But in my opinion, it's a reasonable default, so why not make it one? (-: -- Andreas Fuchs, <asf@acm.org>, asf@jabber.at, antifuchs ^ permalink raw reply [flat|nested] 22+ messages in thread
* Re: What method do *you* use for signing Usenet posts? 2003-01-20 0:29 ` Andreas Fuchs @ 2003-01-20 0:49 ` Vasily Korytov 2003-01-20 1:17 ` Vasily Korytov 0 siblings, 1 reply; 22+ messages in thread From: Vasily Korytov @ 2003-01-20 0:49 UTC (permalink / raw) [-- Attachment #1: Type: text/plain, Size: 885 bytes --] >>>>> "asf" == Andreas Fuchs writes: asf> Today, Vasily Korytov <deskpot@myrealbox.com> wrote: >> I can prefer having PGP/MIME for one recipient, and old style PGP for >> another. asf> IMHO, there is no way to prefer one over the other: If there are mime asf> parts in the message, it should be signed as a multipart, and if there asf> is no mime part in it, gnus should not put one in, for size and asf> compatibility considerations. Ha. Seems, you simply don't know much about ``compatibility considerations''. Some MUAs only have the support for RFC1991, some -- only for 2015. So there's a good reason to specify it sometimes manually. Next, I prefer PGP/MIME, where it's possible -- because it's a much more cleaner standard. Why can't I do so? Why should I be forced to use RFC1991-style PGP only because you think it's the right choice? ---Vas [-- Attachment #2: Type: application/pgp-signature, Size: 188 bytes --] ^ permalink raw reply [flat|nested] 22+ messages in thread
* Re: What method do *you* use for signing Usenet posts? 2003-01-20 0:49 ` Vasily Korytov @ 2003-01-20 1:17 ` Vasily Korytov 0 siblings, 0 replies; 22+ messages in thread From: Vasily Korytov @ 2003-01-20 1:17 UTC (permalink / raw) [-- Attachment #1: Type: text/plain, Size: 1220 bytes --] >>>>> "VK" == Vasily Korytov writes: >>>>> "asf" == Andreas Fuchs writes: asf> IMHO, there is no way to prefer one over the other: If there are mime asf> parts in the message, it should be signed as a multipart, and if there asf> is no mime part in it, gnus should not put one in, for size and asf> compatibility considerations. VK> Ha. Seems, you simply don't know much about ``compatibility VK> considerations''. Some MUAs only have the support for RFC1991, some -- VK> only for 2015. So there's a good reason to specify it sometimes VK> manually. Yeah, one thing more about ``compatibility considerations'' and ``broken email gateways'', both mentioned by you. Well, I had a POP3 accound on the M$ME server -- and this machine did weird things with PGP signatures. The signed part was left, the signature was cut, the whole former message was attached as application/ms-tnef -- having a normal PGP-signed message on the SMTP input. So, the signatures were practically deleted. But in RFC1991-style messages this stupid Exchange couldn't find the text part -- and removed everything. So, nothing is so simple. RFC1991 isn't the compatibility aid, as you propose it to be. ---Vas [-- Attachment #2: Type: application/pgp-signature, Size: 188 bytes --] ^ permalink raw reply [flat|nested] 22+ messages in thread
* Re: What method do *you* use for signing Usenet posts? 2003-01-19 23:30 ` Andreas Fuchs 2003-01-19 23:43 ` Josh Huber 2003-01-19 23:45 ` Vasily Korytov @ 2003-01-20 10:25 ` Simon Josefsson 2 siblings, 0 replies; 22+ messages in thread From: Simon Josefsson @ 2003-01-20 10:25 UTC (permalink / raw) Andreas Fuchs <asf@void.at> writes: > I wonder - why does the user have to decide such things? Would it not > make more sense to just specify the method and let gnus itself figure > out whether it should use mime or not (i.e. if there is a mime part, use > detached signatures, if not, use plain pgp)? The user will ultimately have the control, but suggesting a useful default would be good. OK, what about a setting that makes Gnus always use the sign/encrypt style of the original message? It shouldn't be PGP specific, but support S/MIME too, of course. Another setting would be to make Gnus always sign outgoing mail using the "most appropriate" setting. The most appropriate setting would be configurable, using a predicate like '(if multipart "pgpmime" "pgp")' or "smime" or whatever the user prefers. Making a variable that makes Gnus sign/encrypt outgoing mail based on a regular expression matching the recipient is more tricky -- what to do when several recipients are specified, and only one match? Ideally one unsigned and one signed message should be sent, to the appropriate recipients, but there is no framework for this right now AFAIK. ^ permalink raw reply [flat|nested] 22+ messages in thread
end of thread, other threads:[~2003-01-21 10:05 UTC | newest] Thread overview: 22+ messages (download: mbox.gz / follow: Atom feed) -- links below jump to the message on this page -- 2003-01-19 17:26 What method do *you* use for signing Usenet posts? Kirk Strauser 2003-01-19 18:12 ` Josh Huber 2003-01-19 18:34 ` Kirk Strauser 2003-01-19 20:03 ` Vasily Korytov 2003-01-19 21:19 ` Xavier MAILLARD 2003-01-19 22:18 ` Kirk Strauser 2003-01-19 23:02 ` Simon Josefsson 2003-01-19 23:19 ` Vasily Korytov 2003-01-19 23:30 ` Andreas Fuchs 2003-01-19 23:43 ` Josh Huber 2003-01-20 7:45 ` Andreas Fuchs 2003-01-21 6:07 ` Lars Magne Ingebrigtsen 2003-01-21 8:46 ` Xavier MAILLARD 2003-01-21 10:03 ` Lars Magne Ingebrigtsen 2003-01-21 9:31 ` Andreas Fuchs 2003-01-21 9:48 ` Andreas Fuchs 2003-01-21 10:05 ` Lars Magne Ingebrigtsen 2003-01-19 23:45 ` Vasily Korytov 2003-01-20 0:29 ` Andreas Fuchs 2003-01-20 0:49 ` Vasily Korytov 2003-01-20 1:17 ` Vasily Korytov 2003-01-20 10:25 ` Simon Josefsson
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for NNTP newsgroup(s).