From: david.goldberg6@verizon.net (David S. Goldberg)
Subject: Re: signing and encrypting with new <#secure> tag
Date: Tue, 16 Apr 2002 14:28:23 -0400 [thread overview]
Message-ID: <m1bofgjwla0.fsf@blackbird.mitre.org> (raw)
In-Reply-To: <874rif2b3u.fsf@alum.wpi.edu> (Josh Huber's message of "Sat, 13 Apr 2002 23:49:25 -0400")
>>>>> On Sat, 13 Apr 2002 23:49:25 -0400, Josh Huber
>>>>> <huber@alum.wpi.edu> said:
> Well, they're not deprecated really, but they don't do the Right Thing
> when your message has multiple parts. Those functions are for signing
> & encrypting parts of a message, and the <#secure tags are basically a
> meta tag which expands to either a part or multipart tag depending on
> if there are attachments in the message.
Ah. Thank you for that. I hadn't tried doing anything with
attachments and so didn't notice.
> Now, as for encrypt & sign, what to do?
> I don't use S/MIME, so I didn't get a chance to test the secure tags
> for it.
> With PGP/MIME right now encrypting signs as well...
> There are basically 2 ways to do it with PGP/MIME:
> 1) sign the message using standard PGP/MIME signing, then encrypt that
> message.
> 2) encrypt the message with an embedded signature (using --sign with
> GnuPG)
> How does S/MIME handle sign+encrypt?
I've only ever got openssl to handle option 1. It looks like it
should be able to do option 2, but I haven't ever figured out how to
do so properly. If I try to sign and encrypt in the same command line
I end up with complaints about unable to decrypt PKCS7 structure.
> Basically, the pgp and pgpmime functions use mode=encrypt for now
> (always), but the smime ones default to signencrypt. I've set it up
> so if you give the encrypt option a prefix argument it goes back to
> only encrypting.
> Please try it out!
It works great. Thanks!
--
Dave Goldberg
david.goldberg6@verizon.net
next prev parent reply other threads:[~2002-04-16 18:28 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2002-04-12 19:47 David S. Goldberg
2002-04-14 3:49 ` Josh Huber
2002-04-16 18:28 ` David S. Goldberg [this message]
2002-04-16 22:25 ` Josh Huber
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=m1bofgjwla0.fsf@blackbird.mitre.org \
--to=david.goldberg6@verizon.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).