Crypto-MIME in GNUS

Crypto-MIME in GNUS

[Georg C. F. Greve]

[-- Attachment #1.1: Type: text/plain, Size: 1425 bytes --]

Hi guys,

since I have received so much help revising my mail schemes and once
again I'm very satisified with how things work, I thought I should
contribute something that some people might useful. I don't think I
posted this here, yet.

There is a lot of encrypted mail coming in/going out here and I needed
gnus to be able to handle it completely transparent and MIME
compliant. Unfortunately there were some problems.

The biggest problem was that the gnus crypto function didn't work
since it gave mailcrypt the buffer to encrypt that didn't contain
headers so mailcrypt had no way to determine who to encrypt it
for. Also when I got it to work half-way I realized that CC and BCC
were ignored.

Also I wanted a nice way to determine whether to encrypt or sign that
I could toggle while composing the mail.

AND I wanted it to interface with the BBDB. I havethe "pgp-mail" field
that if set to sign/encrypt automatically signs/encrypts everything to
this person.

What is also nice is an easy way to include public keys into the mail
with correct MIME type. The solution I have is ugly but I didn't have
time to think about something better and for now it works.

The following code fixes/does all this. It is probably more a cludge
than a solution but it does the job and I have been using it
successfully for a few months now. Maybe someone will find it useful.

Personally I have set:

[-- Attachment #1.2: Type: application/emacs-lisp, Size: 198 bytes --]

[-- Attachment #1.3: Type: text/plain, Size: 241 bytes --]

which means that when writing mail, F1 sets it to sign, F2 to encrypt
and F4 removes the tag. F3 (encrypt with recipients) doesn't work for
some reason... didn't have time to investigate it further.

Regards,
                Georg



[-- Attachment #1.4: The crypto-related routines in my .gnus --]
[-- Type: application/emacs-lisp, Size: 9591 bytes --]

[-- Attachment #1.5: Type: text/plain, Size: 226 bytes --]


-- 
Georg C. F. Greve                                       <greve@gnu.org>
Free Software Foundation Europe	                 (http://fsfeurope.org)
Brave GNU World	                           (http://brave-gnu-world.org)

[-- Attachment #2: Type: application/pgp-signature, Size: 268 bytes --]

Re: Crypto-MIME in GNUS

[Simon Josefsson]

"Georg C. F. Greve" <greve@gnu.org> writes:

> The biggest problem was that the gnus crypto function didn't work
> since it gave mailcrypt the buffer to encrypt that didn't contain
> headers so mailcrypt had no way to determine who to encrypt it
> for.

Weird, this is definitely not the case for me.  Could you tell why
`message-options-set-recipient' function fail to figure out
recipients?  Or if there's some problem in mml2015 when mailcrypt is
given the information snarfed from the *mail* buffer?

> Also when I got it to work half-way I realized that CC and BCC
> were ignored.

Right, `message-options-set-recipient' only look at the To: header.

> Also I wanted a nice way to determine whether to encrypt or sign that
> I could toggle while composing the mail.

Hm, `C-c RET s p' or `C-c RET c p'?

> What is also nice is an easy way to include public keys into the mail
> with correct MIME type. The solution I have is ugly but I didn't have
> time to think about something better and for now it works.

Ah, this is really useful.  Is there a MIME type for pgp public keys?
Cool.  I'm still using the mailcrypt default bindings which gets me a
nice menu where I can choice to insert my public key as a block.

Re: Crypto-MIME in GNUS

[Simon Josefsson]

"Georg C. F. Greve" <greve@gnu.org> writes:

>  >> The biggest problem was that the gnus crypto function didn't work
>  >> since it gave mailcrypt the buffer to encrypt that didn't contain
>  >> headers so mailcrypt had no way to determine who to encrypt it
>  >> for.
> 
>  sj> Weird, this is definitely not the case for me.  Could you tell
>  sj> why `message-options-set-recipient' function fail to figure out
>  sj> recipients?  Or if there's some problem in mml2015 when mailcrypt
>  sj> is given the information snarfed from the *mail* buffer?
> 
> I'm suspecting you are not using Crypto-*MIME* but rather encrypt the
> whole buffer as it is (which is the old way gnus used to do it). I
> have been doing it myself but a lot of non-gnus users have problems
> with it... also if there is a standard one should stick to it.

Well, there are at least two standards here. :-)

FWIW, people I communicate with that uses Outlook and some PGP plugin
does not handle PGP/MIME (RFC2015).  The plugin perform PGP-operations
on each MIME part individually and only insert the PGP output instead
of the MIME content of that part.  I don't think it even modifies MIME
headers.  Yuk.

> And when using Crypto-MIME, mailcrypt never ever sees the headers
> (which is as it should be) - it is gnus' job to figure out the
> recipients and the last time I tried (CVS version about three months
> ago), it didn't do it. So I wrote these other functions.

Ok -- that's what I meant, this works for me with current Gnus.

>  >> Also when I got it to work half-way I realized that CC and BCC
>  >> were ignored.
> 
>  sj> Right, `message-options-set-recipient' only look at the To:
>  sj> header.
> 
> Exactly. Which is stupid. Unless the others are also you (which is not
> the standard case, imho), they won't be able to read the mail then. So
> why bother sending it to them at all?

I've no idea. :-)  I changed it, it should look at Cc and Bcc now.

>  >> Also I wanted a nice way to determine whether to encrypt or sign
>  >> that I could toggle while composing the mail.
> 
>  sj> Hm, `C-c RET s p' or `C-c RET c p'?
> 
> ...does pretty much the same. But only almost. It only encrypts the
> following part, not the whole message. When I encrypt I normally want
> the whole thing encrypted... otherwise you run a high chance to
> insert another part and accidentally lose encryption that way.

Ah, yes, I agree.  Those commands are made to only sign or encrypt the
current MML part, but maybe that's not very intuitive.  Perhaps they
could be changed?

Re: Crypto-MIME in GNUS

[Georg C. F. Greve]

[-- Attachment #1.1: Type: text/plain, Size: 2883 bytes --]

Hi Simon,

 || On 10 Apr 2001 12:50:40 +0200
 || Simon Josefsson <simon@josefsson.org> wrote: 

 >> The biggest problem was that the gnus crypto function didn't work
 >> since it gave mailcrypt the buffer to encrypt that didn't contain
 >> headers so mailcrypt had no way to determine who to encrypt it
 >> for.

 sj> Weird, this is definitely not the case for me.  Could you tell
 sj> why `message-options-set-recipient' function fail to figure out
 sj> recipients?  Or if there's some problem in mml2015 when mailcrypt
 sj> is given the information snarfed from the *mail* buffer?

I'm suspecting you are not using Crypto-*MIME* but rather encrypt the
whole buffer as it is (which is the old way gnus used to do it). I
have been doing it myself but a lot of non-gnus users have problems
with it... also if there is a standard one should stick to it.

And when using Crypto-MIME, mailcrypt never ever sees the headers
(which is as it should be) - it is gnus' job to figure out the
recipients and the last time I tried (CVS version about three months
ago), it didn't do it. So I wrote these other functions.

 >> Also when I got it to work half-way I realized that CC and BCC
 >> were ignored.

 sj> Right, `message-options-set-recipient' only look at the To:
 sj> header.

Exactly. Which is stupid. Unless the others are also you (which is not
the standard case, imho), they won't be able to read the mail then. So
why bother sending it to them at all?

 >> Also I wanted a nice way to determine whether to encrypt or sign
 >> that I could toggle while composing the mail.

 sj> Hm, `C-c RET s p' or `C-c RET c p'?

...does pretty much the same. But only almost. It only encrypts the
following part, not the whole message. When I encrypt I normally want
the whole thing encrypted... otherwise you run a high chance to
insert another part and accidentally lose encryption that way.

 >> What is also nice is an easy way to include public keys into the
 >> mail with correct MIME type. The solution I have is ugly but I
 >> didn't have time to think about something better and for now it
 >> works.

 sj> Ah, this is really useful.  

So glad you agree. :-)

 sj> Is there a MIME type for pgp public
 sj> keys?  

Yes: application/pgp-keys

 sj> Cool.  I'm still using the mailcrypt default bindings which gets
 sj> me a nice menu where I can choice to insert my public key as a
 sj> block.

...which requires much more action on the receiving part to import the
key. With a proper MIME part, a good mailreader can import that key
with a single keystroke. 

Regards,
                Georg

-- 
Georg C. F. Greve                                       <greve@gnu.org>
Free Software Foundation Europe	                 (http://fsfeurope.org)
Brave GNU World	                           (http://brave-gnu-world.org)

[-- Attachment #2: Type: application/pgp-signature, Size: 268 bytes --]

Re: Crypto-MIME in GNUS

[Josh Huber]

"Georg C. F. Greve" <greve@gnu.org> writes:

>  sj> Right, `message-options-set-recipient' only look at the To:
>  sj> header.
> 
> Exactly. Which is stupid. Unless the others are also you (which is not
> the standard case, imho), they won't be able to read the mail then. So
> why bother sending it to them at all?

I consider this a bug...

> ...does pretty much the same. But only almost. It only encrypts the
> following part, not the whole message. When I encrypt I normally want
> the whole thing encrypted... otherwise you run a high chance to
> insert another part and accidentally lose encryption that way.

I think this is a bug as well?  If I select that I want the message
signed or encrypted, it should wrap the entire message (with mime
parts included) as an encrypted or signed part.

does your code do this properly, or is this just a bug in mml2015?

> ...which requires much more action on the receiving part to import the
> key. With a proper MIME part, a good mailreader can import that key
> with a single keystroke. 

This is a nice thing that should be included in Gnus IMHO.  both the
sending of keys and importing.

-- 
Josh Huber

Re: Crypto-MIME in GNUS

[Georg C. F. Greve]

[-- Attachment #1.1: Type: text/plain, Size: 1797 bytes --]

Hi Simon,

 || On 10 Apr 2001 15:23:24 +0200
 || Simon Josefsson <simon@josefsson.org> wrote: 

 sj> Well, there are at least two standards here. :-)

Aren't there always? :-)

 sj> FWIW, people I communicate with that uses Outlook and some PGP
 sj> plugin does not handle PGP/MIME (RFC2015).  The plugin perform
 sj> PGP-operations on each MIME part individually and only insert the
 sj> PGP output instead of the MIME content of that part.  I don't
 sj> think it even modifies MIME headers.  Yuk.

Yikes. This doesn't sound very standard-ish.

 >> Exactly. Which is stupid. Unless the others are also you (which is
 >> not the standard case, imho), they won't be able to read the mail
 >> then. So why bother sending it to them at all?

 sj> I've no idea. :-) I changed it, it should look at Cc and Bcc now.

:-)))

 >> ...does pretty much the same. But only almost. It only encrypts
 >> the following part, not the whole message. When I encrypt I
 >> normally want the whole thing encrypted... otherwise you run a
 >> high chance to insert another part and accidentally lose
 >> encryption that way.

 sj> Ah, yes, I agree.  Those commands are made to only sign or
 sj> encrypt the current MML part, but maybe that's not very
 sj> intuitive.  Perhaps they could be changed?

I think they should be changed / renamed. The default should be
"encrypt everything" when selecting encryption. "Just encrypt this
part" should be harder to find / have to be selected specifically.

Just my 2 cents...

Regards,
                Georg

-- 
Georg C. F. Greve                                       <greve@gnu.org>
Free Software Foundation Europe	                 (http://fsfeurope.org)
Brave GNU World	                           (http://brave-gnu-world.org)

[-- Attachment #2: Type: application/pgp-signature, Size: 268 bytes --]

Re: Crypto-MIME in GNUS

[Florian Weimer]

"Georg C. F. Greve" <greve@gnu.org> writes:

>  sj> FWIW, people I communicate with that uses Outlook and some PGP
>  sj> plugin does not handle PGP/MIME (RFC2015).  The plugin perform
>  sj> PGP-operations on each MIME part individually and only insert the
>  sj> PGP output instead of the MIME content of that part.  I don't
>  sj> think it even modifies MIME headers.  Yuk.
> 
> Yikes. This doesn't sound very standard-ish.

The plug-in interface of some MUAs doesn't provide access to message
and/or MIME part headers, so there's no way to implement OpenPGP/MIME
properly.

Re: Crypto-MIME in GNUS

[Georg C. F. Greve]

[-- Attachment #1.1: Type: text/plain, Size: 1164 bytes --]

Hi Simon,

 || On 10 Apr 2001 12:50:40 +0200
 || Simon Josefsson <simon@josefsson.org> wrote: 

 >> The biggest problem was that the gnus crypto function didn't work
 >> since it gave mailcrypt the buffer to encrypt that didn't contain
 >> headers so mailcrypt had no way to determine who to encrypt it
 >> for.

 sj> Weird, this is definitely not the case for me.  Could you tell
 sj> why `message-options-set-recipient' function fail to figure out
 sj> recipients?  Or if there's some problem in mml2015 when mailcrypt
 sj> is given the information snarfed from the *mail* buffer?

Okay, I left away my cludge and you're right, it works now.

The only thing I prefer about my cludge is that it shows you the
recipients and allows you to edit them. This is pretty nice as
sometimes people will have mail-addresses in their headers that don't
match the addresses in their GPG keys.

Regards,
                Georg

-- 
Georg C. F. Greve                                       <greve@gnu.org>
Free Software Foundation Europe	                 (http://fsfeurope.org)
Brave GNU World	                           (http://brave-gnu-world.org)

[-- Attachment #2: Type: application/pgp-signature, Size: 268 bytes --]