Dear Simon, || On Mon, 09 May 2005 21:25:27 +0200 || Simon Josefsson wrote: >> a) create clean way to turn off all pgg handling of PIN's or >> Passphrases, turning that part of the operation over to gpg-agent. sj> Do `pgg-cache-passphrase' help? Not really. This only stops pgg from remembering the passphrase, not from asking for it and trying to submit it. pgg should completely IGNORE anything to do with pass phrases and not submit any pass-phrase related command line options (save those dealing with gpg-agent) for the gpg-agent to work properly. >> c) fix decryption of messages that are encrypted for SmartCard sj> Can you tell whether this could be solved by a similar simple sj> patch as the patch you provided for the b) case? This seems to solve the problem with the PIN, yes. The other problem did not seem Gnus, but actually GnuPG related. So we can close this problem here. >> [ARCHIVAL DOUBLE-SIGNING] >> So I wonder: Is there a striking reason to do this? sj> Yes, although somewhat obscure. sj> The encoding done for archiving purposes is not necessarily the sj> same as is used for outgoing mail. It is the same if you mail sj> and post a message, there is one set of MIME rules for mail and sj> another for news. Just to make sure I understood: So the reason is that Gnus expects Mail archives in News encoding regarding the MIME rules used? That seems odd. Aren't Mail and News stored in different folders, usually? Does this not defy much of the purpose of the archive, which is supposed to archive what you _actually_ sent, and not something that is a recoded version of that. Whenever I had problems with someone telling me that a signed mail did not verify and I ask myself where the problem is, I have been looking into the archive, assuming this was an archived version of the mail I sent. No wonder I could not reproduce the problems. sj> Gcc'ed messages might have attachments striped etc, so may be sj> rather different from what is actually sent. That sounds interesting. I had not heard of it before, did not see it in the archival part of the info file... sj> Some solutions: sj> Use bcc. Ugly workaround, but guarantee that you archive exactly sj> what was mailed (not posted though, since that could be sj> different). Yes, this is ugly. I will have to think about using this. sj> In the GCC handling, make Gnus notice whether the MIME-prepared sj> message, before PGP signing, is identical to the MIME-prepared sj> message that was used as input to PGP signing when sending the sj> e-mail, and in that case store the mailed copy rather than sj> signing another copy of the identical message. This seems optimal. Unfortunately I have no idea how to approach this -- and probably won't find the time anytime soon. Will anyone take this on? Regards, Georg -- Georg C. F. Greve Free Software Foundation Europe (http://fsfeurope.org) Join the Fellowship and protect your freedom! (http://www.fsfe.org)