Immer wieder muss ich danach suchen, jetzt habe ich es mal hochgeladen:

Sinn und Zweck ist es, reinkommende Mails mit Inline PGP Signaturen und Schlussel, in MIME zu konvertieren. Das muss man dann machen, wenn auf

der einen Seite ein „broken“ Mail Client benutzt wird, der das „alte“ Verfahren nutzt, und auf der anderen Seite Evolution sitzt. Denn dieser

Client kann nur MIME. Es gibt einige heftige Diskussionen daruber auf der Mailingliste, Auszuge gefallig?:

On Fri, 2004-05-14 at 16:06 -0500, Brian G. Peterson wrote:

I’m writing to inquire after the status of inline OpenPGP support in

Evolution. Google and the archive for this list (and my current

experience with Evolution) seem to indicate that inline OpenPGP messages

are *still* not supported.

inline support is required for full OpenPGP standards compliance

uhm… completely irrelevant. OpenPGP is the same bloody thing as

„inline pgp“. they are synonymous. OpenPGP is the format for PGP

applications to implement, not MUA’s. Would you really want your MUA to

implement OpenPGP? I know I wouldn’t.

, and

almost all OpenPGP compliant mailers offer some support for inline

encryption and signatures, if only on decrypt/verify.

if you say so…

The current draft OpenPGP RFC (RFC2440bis) will almost certainly contain

additional implementation details to make it easier for users to

indicate in thier keys which mail format that they wish others to use

when communicating with them.

RFC 3156 (OpenPGP/MIME) neither obsoletes nor modifies RFC 2440, but

rather offers a complimentary implementation of RFC 2440, and could be

said to extend that standard to clearly define how to use OpenPGP with MIME.

again, irrelevant. mailers send MIME, hence they should use rfc3156.

rfc2440 is for pgp programs to implement, not MUA’s. rfc3156 describes

how to use use rfc2440 with MIME. MUA’s send MIME.

Conclusion: MUA’s are meant to send rfc3156 compliant messages.

by definition, if you send rfc3156 messages, you also comply with

rfc2440 🙂

The fact is that inline support is required for the largest

interoperability, and is not hard to implement.

does this mean you’ll send us a patch? 🙂

Not supporting it

causes huge interoperability problems with Microsoft’s Outlook products,

Outlook doesn’t support PGP by itself, and most corporate Outlook users

that use encryption/signatures don’t use PGP anyway. They use S/MIME.

and with many versions of Commercial PGP.

funny that commercial PGP mailer-plugins doesn’t follow the IETF

standards…

I’d love an update on the status of inline support.

it’s not implemented and it’s not going to make it into 2.0 either

(we’re feature frozen). There are also no future plans to implement it

(then again, we have no plans for after the 2.0 release, so that isn’t

saying much…)

End Of Thread (since nothing useful can come out of further discussion

of this topic)

Jeff

On Sat, 2004-05-15 at 11:56, Gregor Hlawacek wrote:

Am Sa, den 15.05.2004 schrieb Jeffrey Stedfast um 1:09:

On Fri, 2004-05-14 at 16:06 -0500, Brian G. Peterson wrote:

I’m writing to inquire after the status of inline OpenPGP support in

Evolution. Google and the archive for this list (and my current

experience with Evolution) seem to indicate that inline OpenPGP messages

are *still* not supported.

inline support is required for full OpenPGP standards compliance

………….

End Of Thread (since nothing useful can come out of further discussion

of this topic)

I think the last sentence is a little bit rude.

all past threads that had anything to do with inline pgp turned into a

flame wars and I’d rather not have to wade thru yet another…

No matter some one was

asking for a feature (that I think would be nice) and at least has read

a lot of rfc which is not easy especially when the topic is mime and

pgp. I know that other (M$ and Linux) mailer have this option and I

think it would be nice. It is okay to decide to not implement this but

it should be okay to talk about it.

the thing is, what is there to talk about really? a feature request has

already been filed. some contributor was working on it but has seemingly

disappeared (this is like the 4th or 5th time this has happened).

No matter who does the actuall encryption or singing my mailer should at

least give an interface to all the usefull features of pgp.

that’s basically impossible.

However pgp

signing is working and I am using it. I guess that the signature evo

creates with the help of pgp is only for the text not for attachements

(kmail can do both)?

no, Evolution signs the toplevel MIME part which means that the

attachments are included in the signature.

you can’t do this with „inline pgp“. in fact, this is one of the many

problems with inline pgp, you can’t sign attachments. Some mailers

(Outlook and/or PGPMail?) will do dumb shit like signing or encrypting

the content and still setting the Content-Type to whatever the

attachment mime-type was. This totally breaks stuff for mailers, even

ones that purport to support inline-pgp because most inline-pgp mailers

only support inline-pgp in text/plain parts. They don’t even think to

look in image/jpeg or whatever else parts (which some inline-pgp mailer

or another actually does – I know because we got a bug report about it a

few years back).

totally pisses me off because once you clearsign or encrypt the content,

it’s no longer the same mime-type, but broken mailers that send

inline-pgp do it all the bloody time.

Content-Type is meant to tell MUA’s what the content is so that they can

display it properly.

If your MUA doesn’t smoke from the same crackpipe that the email

author’s mailer smokes from, then your mailer won’t be able to handle

it.

The whole bloody purpose of MIME is to avoid this issue!!!

Ich meine, ich kann es ja nachvollziehen das Inline PGP Schrott ist und wieder mal (fast) alle Mail User Agents dem hinterher rennen, aber das

finde ich dann doch zu ignorant. Defacto kommt gerade mal ein MUA mit meinen Outline MIME Nachrichten (in der Windows Welt)

zurecht und das ist Thunderbird (Mozilla zahle ich nicht extra auf). Mir war, als wenn selbst KMail nur Inline PGP beherrscht.

Thunderbird losst es sehr elegant, bei Empfangern wo er nicht weis, welches Verfahren genutzt werden soll, nutzt er PGP Inline, ansonsten MIME.

Die Evolution Hacker konnten sich da eine Scheibe abschneiden. 🙁 . Fairerweise sollte erwahnt werden, das gegen Bares (200$) ein Patch

erworben werden kann, der PGP Inline nachrustet. Angeblich soll ein anderer Patch in Evo 2.2 einfliesen.