Re: PGG/GPG Integration bug (somewhat nasty & urgent), potential mailcrypt concept bug

["Georg C. F. Greve" <greve@fsfeurope.org>]

[-- Attachment #1: Type: text/plain, Size: 3184 bytes --]

Dear Simon,

 || On Mon, 09 May 2005 21:25:27 +0200
 || Simon Josefsson <jas@extundo.com> wrote: 

 >> a) create clean way to turn off all pgg handling of PIN's or
 >> Passphrases, turning that part of the operation over to gpg-agent.

 sj> Do `pgg-cache-passphrase' help?

Not really.

This only stops pgg from remembering the passphrase, not from asking
for it and trying to submit it.

pgg should completely IGNORE anything to do with pass phrases and not
submit any pass-phrase related command line options (save those
dealing with gpg-agent) for the gpg-agent to work properly.


 >> c) fix decryption of messages that are encrypted for SmartCard

 sj> Can you tell whether this could be solved by a similar simple
 sj> patch as the patch you provided for the b) case?

This seems to solve the problem with the PIN, yes.

The other problem did not seem Gnus, but actually GnuPG related.

So we can close this problem here.


 >> [ARCHIVAL DOUBLE-SIGNING]
 >> So I wonder: Is there a striking reason to do this?

 sj> Yes, although somewhat obscure.

 sj> The encoding done for archiving purposes is not necessarily the
 sj> same as is used for outgoing mail.  It is the same if you mail
 sj> and post a message, there is one set of MIME rules for mail and
 sj> another for news.

Just to make sure I understood:

So the reason is that Gnus expects Mail archives in News encoding
regarding the MIME rules used? That seems odd. Aren't Mail and News
stored in different folders, usually?

Does this not defy much of the purpose of the archive, which is
supposed to archive what you _actually_ sent, and not something that
is a recoded version of that.

Whenever I had problems with someone telling me that a signed mail did
not verify and I ask myself where the problem is, I have been looking
into the archive, assuming this was an archived version of the mail I
sent. No wonder I could not reproduce the problems.


 sj> Gcc'ed messages might have attachments striped etc, so may be
 sj> rather different from what is actually sent.

That sounds interesting. I had not heard of it before, did not see it
in the archival part of the info file...


 sj> Some solutions:

 sj> Use bcc.  Ugly workaround, but guarantee that you archive exactly
 sj> what was mailed (not posted though, since that could be
 sj> different).

Yes, this is ugly.

I will have to think about using this.


 sj> In the GCC handling, make Gnus notice whether the MIME-prepared
 sj> message, before PGP signing, is identical to the MIME-prepared
 sj> message that was used as input to PGP signing when sending the
 sj> e-mail, and in that case store the mailed copy rather than
 sj> signing another copy of the identical message.

This seems optimal.

Unfortunately I have no idea how to approach this -- and probably
won't find the time anytime soon. Will anyone take this on?

Regards,
Georg

-- 
Georg C. F. Greve                                 <greve@fsfeurope.org>
Free Software Foundation Europe	                 (http://fsfeurope.org)
Join the Fellowship and protect your freedom!     (http://www.fsfe.org)

[-- Attachment #2: Type: application/pgp-signature, Size: 306 bytes --]