From mboxrd@z Thu Jan 1 00:00:00 1970 X-Msuck: nntp://news.gmane.io/gmane.emacs.gnus.general/59482 Path: main.gmane.org!not-for-mail From: Simon Josefsson Newsgroups: gmane.emacs.gnus.general Subject: Re: trailing spaces in signed mails Date: Mon, 27 Dec 2004 02:23:07 +0100 Message-ID: References: <87y8fx9loa.fsf@wheatstone.g10code.de> NNTP-Posting-Host: deer.gmane.org Mime-Version: 1.0 Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha1; protocol="application/pgp-signature" X-Trace: sea.gmane.org 1104110928 21583 80.91.229.6 (27 Dec 2004 01:28:48 GMT) X-Complaints-To: usenet@sea.gmane.org NNTP-Posting-Date: Mon, 27 Dec 2004 01:28:48 +0000 (UTC) Cc: ding@gnus.org Original-X-From: ding-owner+M8022@lists.math.uh.edu Mon Dec 27 02:28:41 2004 Return-path: Original-Received: from malifon.math.uh.edu ([129.7.128.13] ident=mail) by deer.gmane.org with esmtp (Exim 3.35 #1 (Debian)) id 1Cijgf-0003Qi-00 for ; Mon, 27 Dec 2004 02:28:41 +0100 Original-Received: from localhost ([127.0.0.1] helo=lists.math.uh.edu ident=lists) by malifon.math.uh.edu with smtp (Exim 3.20 #1) id 1Cijbp-0001T6-00; Sun, 26 Dec 2004 19:23:41 -0600 Original-Received: from util2.math.uh.edu ([129.7.128.23]) by malifon.math.uh.edu with esmtp (Exim 3.20 #1) id 1Cijbl-0001T1-00 for ding@lists.math.uh.edu; Sun, 26 Dec 2004 19:23:37 -0600 Original-Received: from quimby.gnus.org ([80.91.224.244]) by util2.math.uh.edu with esmtp (Exim 4.30) id 1Cijbe-0002Mt-IT for ding@lists.math.uh.edu; Sun, 26 Dec 2004 19:23:30 -0600 Original-Received: from 178.230.13.217.in-addr.dgcsystems.net ([217.13.230.178] helo=yxa.extundo.com) by quimby.gnus.org with esmtp (Exim 3.35 #1 (Debian)) id 1Cijbd-0004dN-00 for ; Mon, 27 Dec 2004 02:23:29 +0100 Original-Received: from latte.josefsson.org (c494102a.s-bi.bostream.se [217.215.27.65]) (authenticated bits=0) by yxa.extundo.com (8.13.2/8.13.2/Debian-1) with ESMTP id iBR1NJC4006516 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES128-SHA bits=128 verify=OK); Mon, 27 Dec 2004 02:23:20 +0100 Original-To: Werner Koch OpenPGP: id=0xB565716F; url=http://josefsson.org/key.txt X-Hashcash: 1:23:041227:ding@gnus.org::O+GPGmyjD+fl/KIj:00008irN X-Hashcash: 1:23:041227:wk@gnupg.org::zjhXegQGPQr527cB:00000TB+O In-Reply-To: <87y8fx9loa.fsf@wheatstone.g10code.de> (Werner Koch's message of "Fri, 17 Dec 2004 13:03:17 +0100") User-Agent: Gnus/5.110003 (No Gnus v0.3) Emacs/21.3.50 (gnu/linux) X-Virus-Scanned: ClamAV 0.80/618/Mon Dec 6 00:09:24 2004 clamav-milter version 0.80j on yxa.extundo.com X-Virus-Status: Clean Precedence: bulk Original-Sender: ding-owner@lists.math.uh.edu Xref: main.gmane.org gmane.emacs.gnus.general:59482 X-Report-Spam: http://spam.gmane.org/gmane.emacs.gnus.general:59482 --=-=-= Content-Transfer-Encoding: quoted-printable Werner Koch writes: > Hi! > > After the release of gnupg 1.4.0 a lot of people complained that they > were not able to verify my signature anymore. The reason for this is > due to a change in OpenPGP and thus gpg to not strip trailing white > spaces anymore for signing. PGP/MIME (rfc 3156) defines rules on how > to protect against this problem (most PGG and OpenPGP implementations > did it differently in the past) but these rules are not follwed by > mml2015. In particular, rfc 3156 states: > > Additionally, implementations MUST make sure that no trailing > whitespace is present after the MIME encoding has been applied. > > the example given also states: > > & Also, in some cases it might be desirable to encode any =3D20 > & trailing whitespace that occurs on lines in order to ensure =3D20 > & that the message signature is not invalidated when passing =3D20 > & a gateway that modifies such whitespace (like BITNET). =3D20 Thanks, I believe I have fixed this in CVS, in both branches. > This message is signed and the "-- " before the signature lines should > have been send as "--=3D20". I suggest to convert the last of a run of > trailing spaces to QP. My Gnus version is v5.10.6. As you can see in this message, it will now be sent as =3D2D-=3D20. If Gnus were to translate it into '--=3D20', I think an OpenPGP implementation would dash escape it, and '- --=3D20' would be sent, which would be less cut'n'paste compatible with RFC 1991 (which doesn't mention dash escaping). Is this acceptable to you? --=20 --=-=-= Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.0 (GNU/Linux) iQC1AwUAQc9j++2iHpS1ZXFvAQJ3UwT+J4L6rth/iJ8NHMMNi+2WRdXVlvrdkhjk 6GDLkfUFSLH2UDaytaecu0XW/FoKZQRVVn8kiUGwvlrS66IB8DftFOBed74Vndld NpVev4vgFDQYZn0OTEQyQHKqjee9wGAB4NSg6IniVXZnQzo4kLCbFaWnnHnn/FJD +4PQtVwpF/HeZh/KUIB1m/ZTd/UD5H8TtOOH7RGWdT8WnP03BmJbBA== =1CM9 -----END PGP SIGNATURE----- --=-=-=--