From: (Chris Beggy ) news@kippona.com
Subject: Re: PGP support
Date: Fri, 16 Nov 2001 15:18:26 -0500 [thread overview]
Message-ID: <87y9l6zcz1.fsf@lackawana.kippona.com> (raw)
In-Reply-To: <iluwv0q1q1o.fsf@dhcp128.extundo.com>
Simon Josefsson <jas@extundo.com> writes:
> Werner Koch <wk@gnupg.org> writes:
>
>> On Fri, 16 Nov 2001 13:26:20 -0500, Chris Beggy said:
>>
>>> How about a header field:
>>
>>> X-Gnus: pgp-verified signature with key 0x454545 valid untrusted
>>
>> BTW, I might have missed it but an important feature would be to add a
>> line like:
>>
>> X-Gnus-Orig-Encrypted-To: 0x12345678, 0x34567890
>>
>> So that one can see that the message was originally encrypted and even
>> more important to automagically suggest to encrypt any reply.
> I don't understand the value of having a header line that says the
> message was originally encrypted, the client already knows this? And
> users should probably not trust such headers without the client saying
> it is OK, and if the client can do that, the client could use some
> other (better) way of conveying this information anyway.
I thought you'd like this idea :-) I know you don't like the
results placed in the message body, where they can be spoofed, as
you showed.
Previous posts in this thread have been discussing the
shortcomings of:
1. poor visual cue from [hp e] in the modeline to convey
signature/encryption status (signed,encrypted,valid,trusted?)
2. poor security of placing encryption status in the message
body (you demonstrated this...)
3. introducing Orig-Encrypted-To info, presumably to confirm
Cc and To fields, and to promote key exchange and
web-of-trust scoring systems
Using header fields addresses these points because it is a
good place for visual cues when reading mail/news, it can be
turned off if the reader doesn't want to be bothered, and it is
a good place for ephemeral, timestamped information.
Chris
next prev parent reply other threads:[~2001-11-16 20:18 UTC|newest]
Thread overview: 67+ messages / expand[flat|nested] mbox.gz Atom feed top
2001-11-12 21:48 Simon Josefsson
2001-11-13 0:03 ` Matt Armstrong
2001-11-13 1:06 ` Josh Huber
2001-11-13 9:53 ` Simon Josefsson
2001-11-13 10:47 ` Fabien Penso
2001-11-13 11:32 ` Simon Josefsson
2001-11-17 11:12 ` Florian Weimer
2001-11-17 11:27 ` Simon Josefsson
2001-11-13 15:53 ` Per Abrahamsen
2001-11-13 18:38 ` Simon Josefsson
2001-11-14 10:03 ` Per Abrahamsen
2001-11-13 18:52 ` Josh Huber
2001-11-13 20:43 ` Matt Armstrong
2001-11-13 21:18 ` Simon Josefsson
2001-11-13 21:33 ` Matt Armstrong
2001-11-13 21:52 ` Simon Josefsson
2001-11-14 10:07 ` Per Abrahamsen
2001-11-14 10:59 ` dme
2001-11-14 11:52 ` Simon Josefsson
2001-11-14 16:02 ` Andreas Fuchs
2001-11-14 17:11 ` Simon Josefsson
2001-11-14 17:34 ` Nevin Kapur
2001-11-14 17:57 ` Matt Armstrong
2001-11-17 11:19 ` Florian Weimer
2001-11-18 7:23 ` Paul Jarc
2001-11-18 10:53 ` Andreas Fuchs
2001-11-18 20:09 ` Raymond Scholz
2001-11-18 23:38 ` Andreas Fuchs
2001-11-17 11:18 ` Florian Weimer
2001-11-17 11:17 ` Florian Weimer
2001-12-29 5:14 ` Lars Magne Ingebrigtsen
2001-11-16 18:26 ` news
2001-11-16 18:43 ` Werner Koch
2001-11-16 19:20 ` Simon Josefsson
2001-11-16 19:37 ` Josh Huber
2001-11-16 20:40 ` Simon Josefsson
2001-11-16 20:58 ` Jack Twilley
2001-11-16 21:21 ` Josh Huber
2001-11-16 21:38 ` Jack Twilley
2001-11-17 9:52 ` Fabien Penso
2001-11-17 10:08 ` Jack Twilley
2001-11-17 11:23 ` Florian Weimer
2001-11-17 11:10 ` Jack Twilley
2001-11-17 11:54 ` Per Abrahamsen
2001-11-17 14:39 ` Florian Weimer
2001-11-18 13:31 ` Kai Großjohann
2001-11-18 19:39 ` Norbert Koch
2001-11-19 21:53 ` Florian Weimer
2001-11-17 9:50 ` Fabien Penso
2001-11-17 9:47 ` Fabien Penso
2001-11-17 11:25 ` Florian Weimer
2001-11-16 20:18 ` news [this message]
2001-11-16 21:04 ` Werner Koch
2001-11-16 21:20 ` Matt Armstrong
2001-11-16 21:55 ` Simon Josefsson
2001-11-17 4:28 ` Andreas Fuchs
2001-11-17 11:15 ` Florian Weimer
2001-11-17 11:41 ` Simon Josefsson
2001-11-17 14:29 ` Florian Weimer
2001-11-14 10:50 ` Per Abrahamsen
2001-11-15 9:49 ` Per Abrahamsen
2001-11-14 21:56 ` Jack Twilley
2001-11-15 21:23 ` How to minimize buttons? (was Re: PGP support) Jack Twilley
2001-11-15 21:37 ` Andreas Fuchs
2001-11-16 11:39 ` Jack Twilley
2001-11-15 0:52 ` PGP support Sascha Lüdecke
2001-11-17 11:14 ` Florian Weimer
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87y9l6zcz1.fsf@lackawana.kippona.com \
--to=news@kippona.com \
--cc=chrisb@lackawana.kippona.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).