From mboxrd@z Thu Jan 1 00:00:00 1970 X-Msuck: nntp://news.gmane.io/gmane.emacs.gnus.general/31255 Path: main.gmane.org!not-for-mail From: Florian Weimer Newsgroups: gmane.emacs.gnus.general Subject: Re: MIME Security with PGP (RFC2015) Date: 28 May 2000 15:22:34 +0200 Sender: owner-ding@hpc.uh.edu Message-ID: <87ya4un71h.fsf@deneb.cygnus.argh.org> References: <2naehcprfu.fsf@tiger.jia.vnet> NNTP-Posting-Host: coloc-standby.netfonds.no Mime-Version: 1.0 Content-Type: multipart/signed; boundary="=-=-="; protocol="application/pgp-signature"; micalg="pgp-md5" X-Trace: main.gmane.org 1035167691 12998 80.91.224.250 (21 Oct 2002 02:34:51 GMT) X-Complaints-To: usenet@main.gmane.org NNTP-Posting-Date: Mon, 21 Oct 2002 02:34:51 +0000 (UTC) Cc: gnus-rfc2015@mercury.rus.uni-stuttgart.de Return-Path: Original-Received: from karazm.math.uh.edu (karazm.math.uh.edu [129.7.128.1]) by mailhost.sclp.com (Postfix) with ESMTP id 1D46DD051E for ; Thu, 1 Jun 2000 14:13:57 -0400 (EDT) Original-Received: from sina.hpc.uh.edu (Sina.HPC.UH.EDU [129.7.3.5]) by karazm.math.uh.edu (8.9.3/8.9.3) with ESMTP id NAC27307; Thu, 1 Jun 2000 13:10:20 -0500 (CDT) Original-Received: by sina.hpc.uh.edu (TLB v0.09a (1.20 tibbs 1996/10/09 22:03:07)); Thu, 01 Jun 2000 13:09:38 -0500 (CDT) Original-Received: from mailhost.sclp.com (postfix@sclp3.sclp.com [204.252.123.139]) by sina.hpc.uh.edu (8.9.3/8.9.3) with ESMTP id NAA00970 for ; Thu, 1 Jun 2000 13:09:26 -0500 (CDT) Original-Received: from mail.netic.de (mail.s.netic.de [212.9.160.11]) by mailhost.sclp.com (Postfix) with ESMTP id 5FFBCD051E for ; Thu, 1 Jun 2000 14:09:43 -0400 (EDT) Original-Received: by mail.netic.de (Smail3.2.0.106/mail.s.netic.de) via LF.net GmbH Internet Services via remoteip 212.9.163.34 via remotehost cygnus.argh.org with esmtp for mailhost.sclp.com id m12xZPS-001X3XC; Thu, 1 Jun 2000 20:09:34 +0200 (CEST) Original-Received: from deneb.cygnus.argh.org ([192.168.1.2]) by cygnus.argh.org with esmtp (Exim 3.12 #1) id 12xZOO-0000NL-00; Thu, 01 Jun 2000 20:08:28 +0200 Original-Received: from fw by deneb.cygnus.argh.org with local (Exim 3.12 #1) id 12xZUZ-0000BV-00; Thu, 01 Jun 2000 20:14:51 +0200 Original-To: ding@gnus.org In-Reply-To: Shenghuo ZHU's message of "27 May 2000 00:06:45 -0400" User-Agent: Gnus/5.0807 (Gnus v5.8.7) Emacs/20.6 Original-Lines: 61 Precedence: list X-Majordomo: 1.94.jlt7 Xref: main.gmane.org gmane.emacs.gnus.general:31255 X-Report-Spam: http://spam.gmane.org/gmane.emacs.gnus.general:31255 --=-=-= Content-Transfer-Encoding: quoted-printable Shenghuo ZHU writes: > I wrote rfc2015.el, which is supposed to fill the gap between Gnus 5.8 > and mailcrypt. Because it is not finished, I just put it in contrib > directory. A few months ago, Lars suggested to keep MIME-PGP support separate because of crypto export regulation issues. > To sign something, say >=20 > <#part type=3D"text/plain" disposition=3Dinline postprocess=3Dpgp-sign> > The text to sign. > <#/part> My package uses a somewhat different approach: <#multipart type=3Dsigned> This is a signed multipart. <#part type=3D"text/plain" filename=3D"~/some-file" disposition=3Dattachmen= t description=3D"signed attachment"> <#/multipart> This is achieved by hooking into "mml-generate-multipart-alist". To be honest, I think "mml-generate-mime-preprocess-function" and "mml-generate-mime-postprocess-function" are unnecessary. At least you can't use them to generate RFC 2015 messages. There are special requirements regarding quoted-printable encoding of parts inside "multipart/signed" or "multipart/encrypted", and I don't think you can set the appropriate variable ("mm-use-ultra-safe-encoding") during MML-to-MIME translation using your hooks. My code is available at: http://cert.uni-stuttgart.de/people/fw/gpg-mime.el At the moment, it's very alpha, and it's likely that it doesn't work. :-/ Of course, it only does the easy part, i.e. creating "multipart/signed" and "multipart/encrypted", not the other way round. It requires some packages found in the same directory. At the moment, it is GnuPG-specific, but you should be able to use other (Open)PGP implementations if you customize the settings in gpg.el. Mailcrypt wasn't used because of some security problems and the unwillingness of the maintainer to respond to suggestions regarding detached signatures. Now to the hard part, signature verification and decryption. For verification, I think we need a hook into "mm-dissect-multipart", which verifies the signature (at this place, all the necessary information is still present) and generates a suitable MML handle. After that, the part can be displayed using a user-defined display function (by specifying it in "gnus-mime-multipart-functions"). Decryption should only occur if explicitly requested by the user. No hook into "mm-dissect-multipart" is required for it; we can decrypt and call "mm-dissect-buffer" on the plaintext on user request. (Maybe we should continue this discussion on the gnus-rfc2015 list? I've subscribed you.) --=-=-= Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.1 (GNU/Linux) Comment: For info see http://www.gnupg.org iQEVAwUBOTaoF12wUqLAbsO1AQGUxAf9HnRhEpR6okkFBq8/mtuBN91GHq6Hz6n1 ggtIHvAdFC0i4xoxDf8+zJ8f33x/37BFHFCZVuVjVd2wbRInUyyyF6ZY+2N4YEQ6 cNYgi38TCyoZNY1yqeWJeW31k3BCBZMLLb8jPW6MvLY6TlKiLZ5rsNDa9Tc4uIPQ f0EN3UbZlgpZY7yoiMs2r8AdToAIXv6SpUoGy5kDb9ZYBSzEMkaZXGUaqGhQRKCN 5Quq4KT+J1ehlmu9PD2I7dCBvf3pfiGSlZMqPNLlHpnKn08zs7FcUcyW7uq69U+m jvqWOj622CmphbZaEQ4E6ewcCiLPN4wuUpR+4+H6+wj7Ox0B+c6kHg== =ILDQ -----END PGP SIGNATURE----- --=-=-=--