From mboxrd@z Thu Jan 1 00:00:00 1970 X-Msuck: nntp://news.gmane.io/gmane.emacs.gnus.general/53361 Path: main.gmane.org!not-for-mail From: Simon Josefsson Newsgroups: gmane.emacs.gnus.general Subject: Re: broken: #secure method=pgp mode=signencrypt Date: Wed, 09 Jul 2003 18:59:40 +0200 Sender: ding-owner@lists.math.uh.edu Message-ID: References: <20030709102948.GE3850@merlin.emma.line.org> <87k7arlnfr.fsf@deneb.enyo.de> NNTP-Posting-Host: main.gmane.org Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Trace: main.gmane.org 1057770140 1363 80.91.224.249 (9 Jul 2003 17:02:20 GMT) X-Complaints-To: usenet@main.gmane.org NNTP-Posting-Date: Wed, 9 Jul 2003 17:02:20 +0000 (UTC) Cc: ding@gnus.org Original-X-From: ding-owner+M1905@lists.math.uh.edu Wed Jul 09 19:02:18 2003 Return-path: Original-Received: from malifon.math.uh.edu ([129.7.128.13]) by main.gmane.org with esmtp (Exim 3.35 #1 (Debian)) id 19aIHy-00009K-00 for ; Wed, 09 Jul 2003 18:59:31 +0200 Original-Received: from localhost ([127.0.0.1] helo=lists.math.uh.edu) by malifon.math.uh.edu with smtp (Exim 3.20 #1) id 19aIIL-0004xG-00; Wed, 09 Jul 2003 11:59:53 -0500 Original-Received: from sclp3.sclp.com ([64.157.176.121]) by malifon.math.uh.edu with smtp (Exim 3.20 #1) id 19aIID-0004x8-00 for ding@lists.math.uh.edu; Wed, 09 Jul 2003 11:59:45 -0500 Original-Received: (qmail 17354 invoked by alias); 9 Jul 2003 16:59:44 -0000 Original-Received: (qmail 17349 invoked from network); 9 Jul 2003 16:59:44 -0000 Original-Received: from 178.230.13.217.in-addr.dgcsystems.net (HELO yxa.extundo.com) (217.13.230.178) by sclp3.sclp.com with SMTP; 9 Jul 2003 16:59:44 -0000 Original-Received: from latte.josefsson.org (yxa.extundo.com [217.13.230.178]) (authenticated bits=0) by yxa.extundo.com (8.12.9/8.12.9) with ESMTP id h69Gxeka001648 (version=TLSv1/SSLv3 cipher=EDH-RSA-DES-CBC3-SHA bits=168 verify=OK); Wed, 9 Jul 2003 18:59:40 +0200 Original-To: Matthias Andree Mail-Copies-To: nobody X-Payment: hashcash 1.2 0:030709:ma@dt.e-technik.uni-dortmund.de:f2d024a6d243fe4a X-Hashcash: 0:030709:ma@dt.e-technik.uni-dortmund.de:f2d024a6d243fe4a X-Payment: hashcash 1.2 0:030709:ding@gnus.org:4e512ce32ee360c8 X-Hashcash: 0:030709:ding@gnus.org:4e512ce32ee360c8 In-Reply-To: (Matthias Andree's message of "Wed, 09 Jul 2003 18:06:20 +0200") User-Agent: Gnus/5.1003 (Gnus v5.10.3) Emacs/21.3.50 (gnu/linux) Precedence: bulk Xref: main.gmane.org gmane.emacs.gnus.general:53361 X-Report-Spam: http://spam.gmane.org/gmane.emacs.gnus.general:53361 Matthias Andree writes: > Florian Weimer writes: > >> The problem is that GnuPG cannot encrypt + sign in one pass in a way >> that yields a message that can be processed by PGP 2.6.x (even after >> patching the necessary algorithms into PGP or GnuPG). This problem >> does not arise if you sign and encrypt separately. > > Creating messages that even Gnus itself cannot read back properly is > certainly not a solution to this lack, and the "garbage in encrypt > without sign" issue has been lost in the course of this thread. The problem, FWIW, is that mm-uu decoded data is not recursively feed to mm-uu again. So the PGP encrypted data that mm-uu decrypts is displayed instead of being checked for a correct signature, which mm-uu can do too. (Although the PGP blob regexp in mm-uu probably should be changed from ^-----BEGIN to ^\(=2D\|-\)----BEGIN to cater for the header escaping that Gnus perform for other purposes.)