Re: [Evolution] pgp unusable?

From: Jeffrey Stedfast <fejj ximian com>
To: lfarkas mindmaker hu
Cc: evolution ximian com
Subject: Re: [Evolution] pgp unusable?
Date: 29 Nov 2001 18:40:24 -0500

On Thu, 2001-11-29 at 17:52, Levente Farkas wrote:

Jeffrey Stedfast wrote:


It works for me... although someone reported a bug saying that when a
recipient's gpg key is not signed, when sending them encrypted mail, it
only encrypts to the sender's key.


yes it's true thre recipient's gpg key is not signed!

THIS IS A BUG IN GPG!!!!!


in this case it should have to report to gpg

gpg tells us everything went fine, so Evolution has no way of knowing
that it didn't encrypt to all the recipients we told it to encrypt to,
thus it's not our fault.

How is your pine configured to use gpg? does it pass the --always-trust
argument to gpg? I didn't make Evolution do that because I figured it
might be considered "bad", but I think other mail clients might be doing
that.


there is a -at option which is not in the manual but I assume it is the
same as --always-trust.


Yea, I presume you're right...it's probably the same as --always-trust.

can you try setting an option in ~/.gnupg/options and see if it works? I
personally feel this is the better solution, because making Evolution
pass the --always-trust flag to gpg will more than likely get us flamed
for not being more "secure" or whatever.


In-line pgp mode is a broken way to do it - so many things can go
"wrong". Should I first QP/Base64 encode the text before signing? or
should I do it afterward? Do I From-escape before? afterward? ever? Do I
CRLF encode before signing?


do what most inline mailer do! if you already non-standard the try to be
the most usable.


That's the problem, there is no standard way of doing it in-line. One
mailer might QP encode before signing, another might decide to sign the
raw 8bit text and then QP encode it. There's too many combinations to be
able to do it and be compatible with all the other mailers.

It's unfortunate, but I can't think of a way to do it. You're welcome to
try though...

No mailer does it the same, they all have their own pseudo-standard way
of doing it. That is why we don't do it, because it's broken.


but most mailer support it and the current case almost unusable since
just other evo user can use read my mails:-( at least an option to
use the non-standard inline version would be useful.


see above.

Jeff

-- 
Jeffrey Stedfast
Evolution Hacker - Ximian, Inc.
fejj ximian com  - www.ximian.com

References:
- [Evolution] pgp unusable?
  - From: Levente Farkas
- Re: [Evolution] pgp unusable?
  - From: Jeffrey Stedfast
- Re: [Evolution] pgp unusable?
  - From: Levente Farkas

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]