* GPG: Are attachments or headers also encrypted on C-c C-m C-c? @ 2012-10-17 7:54 Marius Hofert 2012-10-17 8:21 ` Kevin Brubeck Unhammer [not found] ` <mailman.11157.1350462180.855.info-gnus-english@gnu.org> 0 siblings, 2 replies; 5+ messages in thread From: Marius Hofert @ 2012-10-17 7:54 UTC (permalink / raw) To: Emacs Gnus Hi, Is a message encrypted with GnuPG (PGP/MIME) via C-c C-m C-c (or signed and encrypted with C-c C-m C-e) fully encrypted in the sense that attachments are also encrypted? I would have guessed that only the main part/body of the email (without subject headers or attachments) are encrypted, but I couldn't find sufficient information on this. Cheers, Marius ^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: GPG: Are attachments or headers also encrypted on C-c C-m C-c? 2012-10-17 7:54 GPG: Are attachments or headers also encrypted on C-c C-m C-c? Marius Hofert @ 2012-10-17 8:21 ` Kevin Brubeck Unhammer [not found] ` <mailman.11157.1350462180.855.info-gnus-english@gnu.org> 1 sibling, 0 replies; 5+ messages in thread From: Kevin Brubeck Unhammer @ 2012-10-17 8:21 UTC (permalink / raw) To: info-gnus-english Marius Hofert <marius.hofert@math.ethz.ch> writes: > Hi, > > Is a message encrypted with GnuPG (PGP/MIME) via C-c C-m C-c (or > signed and encrypted with C-c C-m > C-e) fully encrypted in the sense that attachments are also encrypted? > > I would have guessed that only the main part/body of the email (without subject > headers or attachments) are encrypted, but I couldn't find sufficient > information on this. I just tested by doing `C-c C-m C-c' and then `C-c C-m f', sending to a webmail. The webmail showed the unencrypted subject, so I assume all headers are unencrypted. The body was empty, and there were two attachments: $ file Attachment* Attachment1: ASCII text Attachment2: PGP message $ cat Attachment1 Version: 1 $ gpg -d Attachment2 > Attachment2.decrypted # [enter passphrase] $ file Attachment2.decrypted Attachment2.decrypted: multipart/mixed; boundary="=-=-=", From what I can tell, the (contents of the) file I attached does not appears unencrypted anywhere in the email sent by Gnus; everything is encrypted[1]. But of course, if you want to make really sure that it's encrypted before sending, you could simply $ gpg -r alice@example.com -e myattachment.txt and attach the resulting myattachment.txt.gpg [1] Apropos, I'm pretty sure K-9 mail on Android does _not_ encrypt attachments, yet. -- Kevin Brubeck Unhammer GPG: 0x766AC60C ^ permalink raw reply [flat|nested] 5+ messages in thread
[parent not found: <mailman.11157.1350462180.855.info-gnus-english@gnu.org>]
* Re: GPG: Are attachments or headers also encrypted on C-c C-m C-c? [not found] ` <mailman.11157.1350462180.855.info-gnus-english@gnu.org> @ 2012-10-17 10:47 ` Marius Hofert 2012-10-17 11:06 ` Kevin Brubeck Unhammer [not found] ` <mailman.11165.1350472088.855.info-gnus-english@gnu.org> 0 siblings, 2 replies; 5+ messages in thread From: Marius Hofert @ 2012-10-17 10:47 UTC (permalink / raw) To: gnu.emacs.gnus; +Cc: info-gnus-english > > Hi, > > > > > > Is a message encrypted with GnuPG (PGP/MIME) via C-c C-m C-c (or > > > signed and encrypted with C-c C-m > > > C-e) fully encrypted in the sense that attachments are also encrypted? > > > > > > I would have guessed that only the main part/body of the email (without subject > > > headers or attachments) are encrypted, but I couldn't find sufficient > > > information on this. > > > > I just tested by doing `C-c C-m C-c' and then `C-c C-m f', sending to a > > webmail. Hi Kevin, Many thanks for your quick reply. What exactly did you send? I assume your sent message was encrypted and appeared as the encrypted attachment 2 on the webmail. But what did you send such that it appeared (unencrypted) as attachment 1? Was it a .txt attachment containing "Version: 1"? If so, it wasn't encrypted ... I was wondering if, for example, a standard .pdf document attached will appear at the recipient encrypted as .pdf.gpg? If so, this would not require oneself to encrypt it manually (although I agree that this is safer) Cheers, Marius > The webmail showed the unencrypted subject, so I assume all > > headers are unencrypted. The body was empty, and there were two > > attachments: > > > > > > $ file Attachment* > > Attachment1: ASCII text > > Attachment2: PGP message > > $ cat Attachment1 > > Version: 1 > > $ gpg -d Attachment2 > Attachment2.decrypted > > # [enter passphrase] > > $ file Attachment2.decrypted > > Attachment2.decrypted: multipart/mixed; boundary="=-=-=", > > > > > > >From what I can tell, the (contents of the) file I attached does not > > appears unencrypted anywhere in the email sent by Gnus; everything is > > encrypted[1]. > > > > But of course, if you want to make really sure that it's encrypted > > before sending, you could simply > > > > $ gpg -r alice@example.com -e myattachment.txt > > > > and attach the resulting myattachment.txt.gpg > > > > > > [1] Apropos, I'm pretty sure K-9 mail on Android does _not_ encrypt > > attachments, yet. > > > > -- > > Kevin Brubeck Unhammer > > > > GPG: 0x766AC60C ^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: GPG: Are attachments or headers also encrypted on C-c C-m C-c? 2012-10-17 10:47 ` Marius Hofert @ 2012-10-17 11:06 ` Kevin Brubeck Unhammer [not found] ` <mailman.11165.1350472088.855.info-gnus-english@gnu.org> 1 sibling, 0 replies; 5+ messages in thread From: Kevin Brubeck Unhammer @ 2012-10-17 11:06 UTC (permalink / raw) To: info-gnus-english Marius Hofert <marius.hofert@math.ethz.ch> writes: >> > Hi, >> >> > >> >> > Is a message encrypted with GnuPG (PGP/MIME) via C-c C-m C-c (or >> >> > signed and encrypted with C-c C-m >> >> > C-e) fully encrypted in the sense that attachments are also encrypted? >> >> > >> >> > I would have guessed that only the main part/body of the email (without subject >> >> > headers or attachments) are encrypted, but I couldn't find sufficient >> >> > information on this. >> >> >> >> I just tested by doing `C-c C-m C-c' and then `C-c C-m f', sending to a >> >> webmail. > > Hi Kevin, > > Many thanks for your quick reply. > > What exactly did you send? > > I assume your sent message was encrypted and appeared as the encrypted > attachment 2 on the webmail. But what did you send such that it > appeared (unencrypted) as attachment 1? Was it a .txt attachment > containing "Version: 1"? If so, it wasn't encrypted ... The first attachment, named Attachment1, and containing the text "Version 1", must be something Gnus or message-mode creates (presumably to note which OpenPGP version is used?). It seems that every time I encrypt an email, what really happens is that Gnus sends an email with two attachments, Attachment1 just containing "Version 1", and Attachment2 being a PGP encrypted file containing the email body + anything I attached. So the attachment that _I_ attached with `C-c C-m f' was part of the file Attachment2, of which everything was encrypted. But don't take my word for it, just try it yourself, e.g. with some webmail system. If you want to send to your throwaway webmail at foo@bar.com, and you don't have an encryption key, you can do (setq mm-encrypt-option 'guided) first, then when you `C-c C-c', you'll be given the option to encrypt using your own public key. > I was wondering if, for example, a standard .pdf document attached > will appear at the recipient encrypted as .pdf.gpg? If so, this would > not require oneself to encrypt it manually (although I agree that this > is safer) > > Cheers, > > Marius If you attach a pdf, it'll be embedded in the file Attachment2. Note that when you open that email in _Gnus_, not some dumb webmail, Gnus automatically figures out that Attachment1 and Attachment2 represent an encrypted email, and shows it like [[PGP Encrypted Part:OK]] [1. application/octet-stream; somefile.pdf]... Hi Alice, See attached pdf file. -- Bob [[End of PGP Encrypted Part]] That is, at least it will if you've got #+begin_src emacs-lisp (setq mm-verify-option 'always mm-decrypt-option 'always gnus-buttonized-mime-types '("multipart/encrypted" "multipart/signed")) #+end_src in your ~/.gnus. I assume K9 and Thunderbird with Enigmail use the same conventions, though I haven't tried. -- Kevin Brubeck Unhammer GPG: 0x766AC60C ^ permalink raw reply [flat|nested] 5+ messages in thread
[parent not found: <mailman.11165.1350472088.855.info-gnus-english@gnu.org>]
* Re: GPG: Are attachments or headers also encrypted on C-c C-m C-c? [not found] ` <mailman.11165.1350472088.855.info-gnus-english@gnu.org> @ 2012-10-17 12:13 ` Marius Hofert 0 siblings, 0 replies; 5+ messages in thread From: Marius Hofert @ 2012-10-17 12:13 UTC (permalink / raw) To: gnu.emacs.gnus; +Cc: info-gnus-english Very good, many thanks for the detailed explanations, Kevin. Cheers, Marius ^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2012-10-17 12:13 UTC | newest] Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed) -- links below jump to the message on this page -- 2012-10-17 7:54 GPG: Are attachments or headers also encrypted on C-c C-m C-c? Marius Hofert 2012-10-17 8:21 ` Kevin Brubeck Unhammer [not found] ` <mailman.11157.1350462180.855.info-gnus-english@gnu.org> 2012-10-17 10:47 ` Marius Hofert 2012-10-17 11:06 ` Kevin Brubeck Unhammer [not found] ` <mailman.11165.1350472088.855.info-gnus-english@gnu.org> 2012-10-17 12:13 ` Marius Hofert
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for NNTP newsgroup(s).