gnus, mime and pgp

gnus, mime and pgp

[Cyrille Lefevre]

how to configure gnus so "application/pgp; x-action=sign" behaves like
application/pgp-signature ?


the former one looks like this :

<common headers>
Content-Type: application/pgp; format=text; x-action=sign

-----BEGIN PGP SIGNED MESSAGE-----
...
-----BEGIN PGP SIGNATURE-----
...
-----END PGP SIGNATURE-----


the later one looks like this :

Content-Type: multipart/signed; micalg=pgp-md5;
        protocol="application/pgp-signature"; boundary="9Jdw4pA1x1k2W7MG"
Content-Disposition: inline

--9Jdw4pA1x1k2W7MG
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

...
--9Jdw4pA1x1k2W7MG
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
...
-----END PGP SIGNATURE-----

--9Jdw4pA1x1k2W7MG--


is there something to configure out there or something to implement ?

the problem is that I don't have any problem to read the later one.
but I'm unable to read the former one. I need to save it to read it :(

Cyrille.
-- 
home:mailto:clefevre%no-spam@citeweb.net Supprimer "%no-spam" pour me repondre.
work:mailto:Cyrille.Lefevre%no-spam@edf.fr Remove "%no-spam" to answer me back.

why application/pgp; x-action=sign != application/pgp-signature ?

[Cyrille Lefevre]

how to configure gnus so "application/pgp; x-action=sign" behaves like
application/pgp-signature ?

the former one looks like this :

<common headers>
Content-Type: application/pgp; format=text; x-action=sign

the later one looks like this :

Content-Type: multipart/signed; micalg=pgp-md5;
        protocol="application/pgp-signature"; boundary="9Jdw4pA1x1k2W7MG"
Content-Disposition: inline

--9Jdw4pA1x1k2W7MG
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

...
--9Jdw4pA1x1k2W7MG
Content-Type: application/pgp-signature
Content-Disposition: inline

--9Jdw4pA1x1k2W7MG--

is there something to configure out there or something to implement ?

the problem is that I don't have any problem to read the later one.
but I'm unable to read the former one. I need to save it to read it :(

thanks by advance.

Cyrille.
-- 
home:mailto:clefevre%no-spam@citeweb.net Supprimer "%no-spam" pour me repondre.
work:mailto:Cyrille.Lefevre%no-spam@edf.fr Remove "%no-spam" to answer me back.

Re: why application/pgp; x-action=sign != application/pgp-signature ?

[ShengHuo ZHU]

Cyrille Lefevre <clefevre@citeweb.net> writes:

> how to configure gnus so "application/pgp; x-action=sign" behaves like
> application/pgp-signature ?
> 
> the former one looks like this :
> 
> <common headers>
> Content-Type: application/pgp; format=text; x-action=sign
> 

[...]

> 
> is there something to configure out there or something to implement ?
> 
> the problem is that I don't have any problem to read the later one.
> but I'm unable to read the former one. I need to save it to read it :(

What is the content of application/pgp, signed text or just signature?
Where to find the specification?

The content of application/pgp-signature is just signature. Gnus just
ignore it.  I don't think you want to ignore application/pgp.  Simply
pressing `i' on the MIME button will show the content without saving
it.

ShengHuo

Re: why application/pgp; x-action=sign != application/pgp-signature ?

[Florian Weimer]

Cyrille Lefevre <clefevre@citeweb.net> writes:

> how to configure gnus so "application/pgp; x-action=sign" behaves like
> application/pgp-signature ?

Why do you want to do that?  I have never heard of such a MIME type.
What vendor invented it, and why didn't they follow the standards in
this field?

Re: why application/pgp; x-action=sign != application/pgp-signature ?

[Cyrille Lefevre]

ShengHuo ZHU <zsh@cs.rochester.edu> writes:

> Cyrille Lefevre <clefevre@citeweb.net> writes:
> 
> > how to configure gnus so "application/pgp; x-action=sign" behaves like
> > application/pgp-signature ?
> > 
> > the former one looks like this :
> > 
> > <common headers>
> > Content-Type: application/pgp; format=text; x-action=sign
> > 
> 
> [...]
> 
> > 
> > is there something to configure out there or something to implement ?
> > 
> > the problem is that I don't have any problem to read the later one.
> > but I'm unable to read the former one. I need to save it to read it :(
> 
> What is the content of application/pgp, signed text or just signature?
> Where to find the specification?

well, I go to iana to find the specs about pgp, which refer to rfc2015
which only known about application/pgp-something. so, you are right and
the product I'm using seems to be wrong. maybe it is (always) using an
pre-standard. who knowns ?

the following message has been created using elm 2.4ME+PL77 which is a
popular UNIX mail reader/composer.
it may be reached at <URL:ftp://ftp.ozone.fmi.fi/KEH/>.
the maintainer seems to be <URL:mailto:hurtta+elm@ozone.FMI.FI (Kari Hurtta)>.
I'll contact him right now.

for instance, maybe you could add support for this kind of messages until
elm follow the right way ?

=== SIGNED ONLY ===
| From root Sun Jul 23 18:16:53 2000
| Return-Path: <root>
| Received: (from root@localhost)
|         by gits.dyndns.org (8.9.3/8.9.3) id SAA18221
|         for \root; Sun, 23 Jul 2000 18:16:53 +0200 (CEST)
|         (envelope-from root)
| From: Cyrille Lefevre <root>
| Message-Id: <200007231616.SAA18221@gits.dyndns.org>
| Subject: sample test
| To: \root
| Date: Sun, 23 Jul 2000 18:16:53 +0200 (CEST)
| X-Mailer: ELM [version 2.4ME+ PL77 (25)]
| MIME-Version: 1.0
| Content-Transfer-Encoding: 7bit
| Content-Type: application/pgp; format=te8xt; x-action=sign
| 
| -----BEGIN PGP SIGNED MESSAGE-----
| 
| sample text
| 
| -----BEGIN PGP SIGNATURE-----
| Version: 2.6.3ia
| Charset: noconv
| Comment: Requires PGP version 2.6 or later.
| 
| iQCVAwUBOXsohJV/BxPBZIw1AQHkEgP+KJpLSaZSHdpwqnoTBiSUwTLg+6zybcd6
| uA1DnMyljzPg+m1LYxUqAZgQMxITJvFhYGwVWR8TVVKUzUGq7vCBOmM58vkjwghR
| mjey++CANV5jLtZLuzfF+cxDkm0rtJiKz897OZ6+9PLyYEJGAV7Oa4JwADB9NkKp
| Ituxmqwvmm4=
| =v0HJ
| -----END PGP SIGNATURE-----

=== ENCRYPTED ONLY ===
| From root Sun Jul 23 18:35:10 2000
| Return-Path: <root>
| Received: (from root@localhost)
|         by gits.dyndns.org (8.9.3/8.9.3) id SAA18433
|         for \root; Sun, 23 Jul 2000 18:35:10 +0200 (CEST)
|         (envelope-from root)
| From: Cyrille Lefevre <root>
| Message-Id: <200007231635.SAA18433@gits.dyndns.org>
| Subject: sample test
| To: \root
| Date: Sun, 23 Jul 2000 18:35:10 +0200 (CEST)
| X-Mailer: ELM [version 2.4ME+ PL77 (25)]
| MIME-Version: 1.0
| Content-Transfer-Encoding: 7bit
| Content-Type: application/pgp; format=text; x-action=encrypt
| Status: RO
| 
| -----BEGIN PGP MESSAGE-----
| Version: 2.6.3ia
| Comment: Requires PGP version 2.6 or later.
| 
| hIwDlX8HE8FkjDUBA/9ig7DLb1mO11jUFG+xl4rlu7mYnZhRGNCqqGD09xcqQx5a
| q4T17iInkvX7EfjiYvjQsMyPxrXV3weoSlJTHjxZH3ZWEyHkDNvt+djwV5THCNaB
| bEzNKGyahKea/xY33tiXffJqLNSF1pnmUPHjTKDt5g+ec4A7C0lO3NlxuHIJ8aYA
| AAA4jFUHP0BjZAcAWX8Y6slMFgFOLXOe3mcElT5HkSREmHL2AQJdm4Y+5XPs+/Y1
| B2qmSFYW0tzJL9I=
| =NyyX
| -----END PGP MESSAGE-----

=== BOTH ENCRYPED AND SIGNED ===
| From root Sun Jul 23 19:01:16 2000
| Return-Path: <root>
| Received: (from root@localhost)
|         by gits.dyndns.org (8.9.3/8.9.3) id TAA18529
|         for \root; Sun, 23 Jul 2000 19:01:16 +0200 (CEST)
|         (envelope-from root)
| From: Cyrille Lefevre <root>
| Message-Id: <200007231701.TAA18529@gits.dyndns.org>
| Subject: sample test
| To: \root
| Date: Sun, 23 Jul 2000 19:01:16 +0200 (CEST)
| X-Mailer: ELM [version 2.4ME+ PL77 (25)]
| MIME-Version: 1.0
| Content-Transfer-Encoding: 7bit
| Content-Type: application/pgp; format=text; x-action=encryptsign
| 
| -----BEGIN PGP MESSAGE-----
| Version: 2.6.3ia
| Comment: Requires PGP version 2.6 or later.
| 
| hIwDlX8HE8FkjDUBA/4xpkqM4IYfrkf8bCdaJoLKK7wK33yOxSZwXGK92DoWNSN9
| P74qrFOEdZpf0A8Vp4nyZN+I/wtouKveH6ePugLBG+9pGd/Hgb5G/0E8UAc8D00A
| dDz0UhPXb8pGqVETF4pGzz1GvgksJcKHYN1Q6KXeLMNb6UHpod+0fR/aT/XJFaYA
| AADHFvPZ4ZUU66T/7/5qh20L4m/l5rDj+HndJSeOIcKCfBBNevtb92LrowLKwcJJ
| mM+d78mI5cQ6zSWX4Yiv+WdkacWbCcJDicbOVLWMF/M76c3+c5zTm8D/nr4j5oCX
| XPUYnOyopoGZuPVHmIFJbcPhCju6u2rUHkGl0g2wqPgEYsjnuii07Ndaz/54vEdZ
| qfal2VQ5JylO4D5Eu8+QzLQGgWfEuMUslGjz3rSIWviXhV4W8vVzOml/4QBH926p
| WJJCvVGIKFbr1Q==
| =U5H6
| -----END PGP MESSAGE-----

> The content of application/pgp-signature is just signature. Gnus just
> ignore it.  I don't think you want to ignore application/pgp.  Simply
> pressing `i' on the MIME button will show the content without saving
> it.

works great, thanks.

BCC hurtta+elm@ozone.FMI.FI

Cyrille.
--
home: mailto:clefevre@citeweb.net work: mailto:Cyrille.Lefevre@edf.fr

Re: why application/pgp; x-action=sign != application/pgp-signature ?

[Cyrille Lefevre]

Florian Weimer <fw@deneb.enyo.de> writes:

> Cyrille Lefevre <clefevre@citeweb.net> writes:
> 
> > how to configure gnus so "application/pgp; x-action=sign" behaves like
> > application/pgp-signature ?
> 
> Why do you want to do that?  I have never heard of such a MIME type.
> What vendor invented it, and why didn't they follow the standards in
> this field?

see the answer I just made to ShengHuo ZHU.

Cyrille.
--
home: mailto:clefevre@citeweb.net work: mailto:Cyrille.Lefevre@edf.fr

Re: why application/pgp; x-action=sign != application/pgp-signature ?

[Nuutti Kotivuori]

"Cyrille" == Cyrille Lefevre <clefevre@citeweb.net> writes:
> well, I go to iana to find the specs about pgp, which refer to rfc2015
> which only known about application/pgp-something. so, you are right and
> the product I'm using seems to be wrong. maybe it is (always) using an
> pre-standard. who knowns ?

Um. There's three ways to send PGP messages.

The first, the oldest, the broken one is to just use PGP to clearsign
something and tag it into the message body. The message Content-Type:
will be text/plain, if there even is a content-type. The message body
will contain the normal 'BEGIN PGP SIGNED TEXT' etc. parts.

Then there's PGP-Kaze - namings differ. Which is quite similar to the
one above, but instead of the text/plain content type, we say
application/pgp (with attributes telling if it's signed or encrypted
or what). This is also called the traditional PGP mail. This does not
work with attachments - you need to encrypt/sign every attachment
separately, and you have no way of keeping them all together -
eg. some attachment might be removed and no signature would be
invalid. It has other problems as well.

And then we have RFC2015, PGP/MIME standard. This is the only working
one. It works by using MIME for everything, enclosing the whole signed
or encrypted part in multipart/signed or multipart/encrypted
content-type, and having the separate signature be
application/pgp-signature.

PGP/MIME is the working method, but very few programs are supporting
it. Gnus does not support it either, tho some people (possibly
including me) are developing it currently. So Gnus just _ignores_ the
application/pgp-signature type and _does not_ verify the
signature. Mutt is the de facto standard mailer for sending PGP/MIME
messages.

The other two methods are used interchangeably often, and are
supported by the latest version of PGP plugins for windows. They are
not really suited for anything but text messages, but people use them
anyway since they have nothing better. Mailcrypt is the way to use
these messages with Gnus. It comes with emacsen I think.

So, your program sends the older, obsolete, standard type PGP messages
which are handled by Mailcrypt, but which are the most commonly used
messagetypes currently. The newer standard is displayed properly by
Gnus, since the PGP/MIME standard allows correct text display even if
the mailer does not support PGP/MIME, but it _cannot_ be used for
writing such mails or to verify the signatures, which doesn't matter
ofcourse if you are not interested.

-- Naked

Re: why application/pgp; x-action=sign != application/pgp-signature ?

[Cyrille Lefevre]

Nuutti Kotivuori <nuutti.kotivuori@sonera.com> writes:

> "Cyrille" == Cyrille Lefevre <clefevre@citeweb.net> writes:
> > well, I go to iana to find the specs about pgp, which refer to rfc2015
> > which only known about application/pgp-something. so, you are right and
> > the product I'm using seems to be wrong. maybe it is (always) using an
> > pre-standard. who knowns ?
> 
> Um. There's three ways to send PGP messages.
[snip]

thanks for this really complete answer. now, all is more clear to me.

Cyrille.
--
home: mailto:clefevre@citeweb.net work: mailto:Cyrille.Lefevre@edf.fr

Re: why application/pgp; x-action=sign != application/pgp-signature ?

[Kari E. Hurtta]

Cyrille Lefevre:
> ShengHuo ZHU <zsh@cs.rochester.edu> writes:
> 
> > Cyrille Lefevre <clefevre@citeweb.net> writes:
> > 
> > > how to configure gnus so "application/pgp; x-action=sign" behaves like
> > > application/pgp-signature ?
> > > 
> > > the former one looks like this :
> > > 
> > > <common headers>
> > > Content-Type: application/pgp; format=text; x-action=sign
> > > 
> > 
> > [...]
> > 
> > > 
> > > is there something to configure out there or something to implement ?
> > > 
> > > the problem is that I don't have any problem to read the later one.
> > > but I'm unable to read the former one. I need to save it to read it :(
> > 
> > What is the content of application/pgp, signed text or just signature?
> > Where to find the specification?
> 
> well, I go to iana to find the specs about pgp, which refer to rfc2015
> which only known about application/pgp-something. so, you are right and
> the product I'm using seems to be wrong. maybe it is (always) using an
> pre-standard. who knowns ?

ELM ME+ plus does not support RFC 2015 (execpt that there is limited
(or incomplete) support on reading cide.)

application/pgp comes from time when Elm 2.4ME+ 
was Michael Elkins' Elm2.4 PL24 MExx. ANNOUNCE.ME
(which is announce of Elm2.4 PL24 MExx) seems say:

<...>
| ELM 2.4 PL24 ME8
|  
| This is an announcement for Patchlevel ME8 for Elm 2.4pl24.                     
<...>
| What's new:             
<...>
|   * Support for application/pgp type inside multipart/mixed and message/rfc822
|      messages                                                                   

Either ANNOUNCE.ME or ChangeLog.ME gies not hint why it is application/pgp
or when where it comes to here.

Comment on source just says:

    /* This procedure implements the de-facto standard for using PGP with MIME.
     * Content-Type: application/pgp
     * Required-Parameters: none
     * Optional parameters: format, x-action
     *     format = mime | text | keys-only
     *         mime : indicates that the signed/encrypted body contains a MIME
     *                compliant body and should be parsed recursively.
     *         text : [DEFAULT if there is no format option].  This option
     *                means that the encrypted/signed data should be presented
     *                to the user after processing, no additional processing
     *                needed.
     *         keys-only:
     *                The data in the body represents public key data only
     *     x-action = encryptsign | encrypt | sign
     *         This keyword is meant to be helpful to the application, but is
     *         not required, and may not even be necessary to look at.
     *
     *         encryptsign : the application/pgp data is both signed and
     *                       encrypted.
     *         encrypt     : the data is encrypted only
     *         sign        : the data is signed only
     */                                                                                


> the following message has been created using elm 2.4ME+PL77 which is a
> popular UNIX mail reader/composer.
> it may be reached at <URL:ftp://ftp.ozone.fmi.fi/KEH/>.
> the maintainer seems to be <URL:mailto:hurtta+elm@ozone.FMI.FI (Kari Hurtta)>.
> I'll contact him right now.

elm 2.4ME+ popular UNIX mail reader/composer ?

Nice to hear :-)

/ Kari Hurtta