From mboxrd@z Thu Jan 1 00:00:00 1970 X-Msuck: nntp://news.gmane.io/gmane.emacs.gnus.general/53947 Path: main.gmane.org!not-for-mail From: Simon Josefsson Newsgroups: gmane.emacs.gnus.general Subject: Re: Entering passphrase twice when sending PGP signed message Date: Sat, 13 Sep 2003 23:24:05 +0200 Sender: ding-owner@lists.math.uh.edu Message-ID: References: NNTP-Posting-Host: deer.gmane.org Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Trace: sea.gmane.org 1063488285 15192 80.91.224.253 (13 Sep 2003 21:24:45 GMT) X-Complaints-To: usenet@sea.gmane.org NNTP-Posting-Date: Sat, 13 Sep 2003 21:24:45 +0000 (UTC) Cc: ding@gnus.org Original-X-From: ding-owner+M2487@lists.math.uh.edu Sat Sep 13 23:24:43 2003 Return-path: Original-Received: from malifon.math.uh.edu ([129.7.128.13]) by deer.gmane.org with esmtp (Exim 3.35 #1 (Debian)) id 19yHsp-00041v-00 for ; Sat, 13 Sep 2003 23:24:43 +0200 Original-Received: from localhost ([127.0.0.1] helo=lists.math.uh.edu) by malifon.math.uh.edu with smtp (Exim 3.20 #1) id 19yHsQ-0000ZW-00; Sat, 13 Sep 2003 16:24:18 -0500 Original-Received: from sclp3.sclp.com ([64.157.176.121]) by malifon.math.uh.edu with smtp (Exim 3.20 #1) id 19yHsH-0000ZO-00 for ding@lists.math.uh.edu; Sat, 13 Sep 2003 16:24:09 -0500 Original-Received: (qmail 70266 invoked by alias); 13 Sep 2003 21:24:09 -0000 Original-Received: (qmail 70260 invoked from network); 13 Sep 2003 21:24:09 -0000 Original-Received: from 178.230.13.217.in-addr.dgcsystems.net (HELO yxa.extundo.com) (217.13.230.178) by sclp3.sclp.com with SMTP; 13 Sep 2003 21:24:09 -0000 Original-Received: from latte.josefsson.org (yxa.extundo.com [217.13.230.178]) (authenticated bits=0) by yxa.extundo.com (8.12.9/8.12.9) with ESMTP id h8DLO5dk000317 (version=TLSv1/SSLv3 cipher=EDH-RSA-DES-CBC3-SHA bits=168 verify=FAIL); Sat, 13 Sep 2003 23:24:06 +0200 Original-To: Hrvoje Niksic Mail-Copies-To: nobody X-Payment: hashcash 1.2 0:030913:hniksic@xemacs.org:45a65d4d657c66e6 X-Hashcash: 0:030913:hniksic@xemacs.org:45a65d4d657c66e6 X-Payment: hashcash 1.2 0:030913:ding@gnus.org:f0402decfc86fbc7 X-Hashcash: 0:030913:ding@gnus.org:f0402decfc86fbc7 In-Reply-To: (Hrvoje Niksic's message of "Sat, 13 Sep 2003 15:27:04 +0200") User-Agent: Gnus/5.1003 (Gnus v5.10.3) Emacs/21.3.50 (gnu/linux) Precedence: bulk Xref: main.gmane.org gmane.emacs.gnus.general:53947 X-Report-Spam: http://spam.gmane.org/gmane.emacs.gnus.general:53947 Hrvoje Niksic writes: > [ Please keep the Cc to me if you want me to see the responses. ] > > I tried to gpg-sign a message I was sending. Everything went fine, > except for one detail: I was asked for passphrase twice, once (I > think) before the mail was sent over the network, and once immediately > afterwards. > > Since I have archiving turned on, I assume the problem is that the > message is signed both when it is being sent and when it is being > archived. That sounds like a bug. What do you think? This happens if you use Gcc, and it is because the message is encoded once for sendmail/SMTP/NNTP and once for the Gcc copy, as you assume. But this can't be fixed easily, because the copy that is Gcc'ed is not the same as the one that is mailed or posted. An extreme example is the `gnus-gcc-externalize-attachments', which make Gcc differ distinctly from the SMTP/NTTP version of the mail. The more subtle examples are charset handling, news differ from mail, so making gcc equal one of them still wouldn't solve the problem in general. So unless someone has a clever idea how this could be solved, I think we should consider it a feature. There are alternative solutions, e.g. Bcc, which would give you a exact copy of what is sent on the (SMTP) wire. Perhaps the g-g-e-a variable also save the MML PGP headers directly. Another approach would be to attack the source of the problem, passphrases. The gpg-agent seems like a good solution to that.