From mboxrd@z Thu Jan  1 00:00:00 1970
X-Msuck: nntp://news.gmane.io/gmane.emacs.gnus.general/60275
Path: news.gmane.org!not-for-mail
From: "Georg C. F. Greve" <greve@fsfeurope.org>
Newsgroups: gmane.emacs.gnus.general
Subject: Re: PGG/GPG Integration bug (somewhat nasty & urgent), potential mailcrypt concept bug
Date: Wed, 11 May 2005 11:11:32 +0200
Message-ID: <m3fywum8jf.fsf@brain.gnuhh.org>
References: <m31x8o8zs1.fsf@brain.gnuhh.org>
	<iluhdhc5hi0.fsf@latte.josefsson.org>
NNTP-Posting-Host: main.gmane.org
Mime-Version: 1.0
Content-Type: multipart/signed; boundary="20050511111132+0200-72055797-116356990-1636490";
	micalg=pgp-sha1; protocol="application/pgp-signature"
X-Trace: sea.gmane.org 1115802604 32450 80.91.229.2 (11 May 2005 09:10:04 GMT)
X-Complaints-To: usenet@sea.gmane.org
NNTP-Posting-Date: Wed, 11 May 2005 09:10:04 +0000 (UTC)
Cc: ding@gnus.org
Original-X-From: ding-owner+M8803@lists.math.uh.edu Wed May 11 11:10:01 2005
Return-path: <ding-owner+M8803@lists.math.uh.edu>
Original-Received: from malifon.math.uh.edu ([129.7.128.13])
	by ciao.gmane.org with esmtp (Exim 4.43)
	id 1DVnE3-0000Q9-Vt
	for ding-account@gmane.org; Wed, 11 May 2005 11:09:56 +0200
Original-Received: from localhost
	([127.0.0.1] helo=lists.math.uh.edu ident=lists)
	by malifon.math.uh.edu with smtp (Exim 3.20 #1)
	id 1DVnGP-0001nX-00; Wed, 11 May 2005 04:12:21 -0500
Original-Received: from util2.math.uh.edu ([129.7.128.23])
	by malifon.math.uh.edu with esmtp (Exim 3.20 #1)
	id 1DVnGA-0001nP-00
	for ding@lists.math.uh.edu; Wed, 11 May 2005 04:12:06 -0500
Original-Received: from quimby.gnus.org ([80.91.224.244])
	by util2.math.uh.edu with esmtp (Exim 4.30)
	id 1DVnG7-0006q5-IS
	for ding@lists.math.uh.edu; Wed, 11 May 2005 04:12:03 -0500
Original-Received: from crosspoint.informatik.gu.se ([130.241.141.44] helo=crosspoint.fsfeurope.org)
	by quimby.gnus.org with esmtp (Exim 3.35 #1 (Debian))
	id 1DVnG6-0004tq-00
	for <ding@gnus.org>; Wed, 11 May 2005 11:12:02 +0200
Original-Received: from localhost (localhost [127.0.0.1])
	by crosspoint.fsfeurope.org (Postfix) with ESMTP id 35D821C6B7;
	Wed, 11 May 2005 11:12:01 +0200 (CEST)
Original-Received: from crosspoint.fsfeurope.org ([127.0.0.1])
 by localhost (crosspoint.fsfeurope.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id 14989-20; Wed, 11 May 2005 11:11:50 +0200 (CEST)
Original-Received: from fusebox.gnuhh.org (c228062.adsl.hansenet.de [213.39.228.62])
	(using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
	(Client CN "fusebox.gnuhh.org", Issuer "President" (verified OK))
	by crosspoint.fsfeurope.org (Postfix) with ESMTP id 9DBF81C6A5;
	Wed, 11 May 2005 11:11:50 +0200 (CEST)
Original-Received: from localhost (fusebox [127.0.0.1])
	by fusebox.gnuhh.org (Postfix) with ESMTP id F3A3CB97C;
	Wed, 11 May 2005 11:11:49 +0200 (CEST)
Original-Received: from fusebox.gnuhh.org ([127.0.0.1])
 by localhost (fusebox.gnuhh.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id 20656-18; Wed, 11 May 2005 11:11:43 +0200 (CEST)
Original-Received: by fusebox.gnuhh.org (Postfix, from userid 10)
	id 89A81B948; Wed, 11 May 2005 11:11:43 +0200 (CEST)
Original-Received: by brain.gnuhh.org (Postfix, from userid 500)
	id 2FD456B69A; Wed, 11 May 2005 11:11:36 +0200 (CEST)
Original-To: Simon Josefsson <jas@extundo.com>
Organisation: Free Software Foundation Europe
X-PGP-Fingerprint: 2D68 D553 70E5 CCF9 75F4 9CC9 6EF8 AFC2 8657 4ACA
X-PGP-Affinity: will accept encrypted messages for GNU Privacy Guard
X-Home-Page: http://gnuhh.org
X-Accept-Language: en, de
In-Reply-To: <iluhdhc5hi0.fsf@latte.josefsson.org> (Simon Josefsson's message
	of "Mon, 09 May 2005 21:25:27 +0200")
User-Agent: Gnus/5.110004 (No Gnus v0.4) Emacs/21.4 (gnu/linux)
X-Virus-Scanned: amavisd-new at gnuhh.org
X-Virus-Scanned: amavisd-new at fsfeurope.org
X-Spam-Score: -3.5 (---)
Precedence: bulk
Original-Sender: ding-owner@lists.math.uh.edu
Xref: news.gmane.org gmane.emacs.gnus.general:60275
X-Report-Spam: http://spam.gmane.org/gmane.emacs.gnus.general:60275

--20050511111132+0200-72055797-116356990-1636490
Content-Transfer-Encoding: quoted-printable

Dear Simon,

 || On Mon, 09 May 2005 21:25:27 +0200
 || Simon Josefsson <jas@extundo.com> wrote:=20

 >> a) create clean way to turn off all pgg handling of PIN's or
 >> Passphrases, turning that part of the operation over to gpg-agent.

 sj> Do `pgg-cache-passphrase' help?

Not really.

This only stops pgg from remembering the passphrase, not from asking
for it and trying to submit it.

pgg should completely IGNORE anything to do with pass phrases and not
submit any pass-phrase related command line options (save those
dealing with gpg-agent) for the gpg-agent to work properly.


 >> c) fix decryption of messages that are encrypted for SmartCard

 sj> Can you tell whether this could be solved by a similar simple
 sj> patch as the patch you provided for the b) case?

This seems to solve the problem with the PIN, yes.

The other problem did not seem Gnus, but actually GnuPG related.

So we can close this problem here.


 >> [ARCHIVAL DOUBLE-SIGNING]
 >> So I wonder: Is there a striking reason to do this?

 sj> Yes, although somewhat obscure.

 sj> The encoding done for archiving purposes is not necessarily the
 sj> same as is used for outgoing mail.  It is the same if you mail
 sj> and post a message, there is one set of MIME rules for mail and
 sj> another for news.

Just to make sure I understood:

So the reason is that Gnus expects Mail archives in News encoding
regarding the MIME rules used? That seems odd. Aren't Mail and News
stored in different folders, usually?

Does this not defy much of the purpose of the archive, which is
supposed to archive what you _actually_ sent, and not something that
is a recoded version of that.

Whenever I had problems with someone telling me that a signed mail did
not verify and I ask myself where the problem is, I have been looking
into the archive, assuming this was an archived version of the mail I
sent. No wonder I could not reproduce the problems.


 sj> Gcc'ed messages might have attachments striped etc, so may be
 sj> rather different from what is actually sent.

That sounds interesting. I had not heard of it before, did not see it
in the archival part of the info file...


 sj> Some solutions:

 sj> Use bcc.  Ugly workaround, but guarantee that you archive exactly
 sj> what was mailed (not posted though, since that could be
 sj> different).

Yes, this is ugly.

I will have to think about using this.


 sj> In the GCC handling, make Gnus notice whether the MIME-prepared
 sj> message, before PGP signing, is identical to the MIME-prepared
 sj> message that was used as input to PGP signing when sending the
 sj> e-mail, and in that case store the mailed copy rather than
 sj> signing another copy of the identical message.

This seems optimal.

Unfortunately I have no idea how to approach this -- and probably
won't find the time anytime soon. Will anyone take this on?

Regards,
Georg

--=20
Georg C. F. Greve                                 <greve@fsfeurope.org>
Free Software Foundation Europe	                 (http://fsfeurope.org)
Join the Fellowship and protect your freedom!     (http://www.fsfe.org)

--20050511111132+0200-72055797-116356990-1636490
Content-Type: application/pgp-signature

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)

iQCVAwUAQoHMRik9sUy32wQcAQJvpgP/d/Q6h0wWWtOMcZqGi6dee8Giw+sWd9uB
m7kj52uyVcO9almmOUpYQLxlhNwj5jK4YuYikOEaEdzpfRXTcAhk4+k+DHqggpKE
s2oY0C+YVr8VD+fSxwYqjNeGsArLP8uPl6Dsfg0T7QkcJR3m2n57mM4CSzU2ydv6
kFCwmbXq4Ls=
=xkhB
-----END PGP SIGNATURE-----
--20050511111132+0200-72055797-116356990-1636490--