Werner Koch writes: > Hi! > > After the release of gnupg 1.4.0 a lot of people complained that they > were not able to verify my signature anymore. The reason for this is > due to a change in OpenPGP and thus gpg to not strip trailing white > spaces anymore for signing. PGP/MIME (rfc 3156) defines rules on how > to protect against this problem (most PGG and OpenPGP implementations > did it differently in the past) but these rules are not follwed by > mml2015. In particular, rfc 3156 states: > > Additionally, implementations MUST make sure that no trailing > whitespace is present after the MIME encoding has been applied. > > the example given also states: > > & Also, in some cases it might be desirable to encode any =20 > & trailing whitespace that occurs on lines in order to ensure =20 > & that the message signature is not invalidated when passing =20 > & a gateway that modifies such whitespace (like BITNET). =20 Thanks, I believe I have fixed this in CVS, in both branches. > This message is signed and the "-- " before the signature lines should > have been send as "--=20". I suggest to convert the last of a run of > trailing spaces to QP. My Gnus version is v5.10.6. As you can see in this message, it will now be sent as =2D-=20. If Gnus were to translate it into '--=20', I think an OpenPGP implementation would dash escape it, and '- --=20' would be sent, which would be less cut'n'paste compatible with RFC 1991 (which doesn't mention dash escaping). Is this acceptable to you? --