ietf-openpgp

Re: OpenPGP vs. OpenPGP/MIME

2002-02-13 04:37:12

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Wed, 13 Feb 2002, disastry(_at_)saiknes(_dot_)lv wrote:

> PGP/MIME is evil.

It is the only sensible way to properly secure an entire MIME message
with PGP.

In the case of signed messages, it allows the recipient to be sure that
the sender signed _all_ of the message, including attachments: it allows
arbitrarily complex messages to be signed successfully: in principle it
allows the sender to send a signed message to a group of people, some of
whom are not interested in PGP at all since the act of signing does not
pollute the actual message in any way.

Of course the last point depends on basic MIME compliance of users'
MUAs, and there are some common clients that treat multipart/unknown
differently to multipart/mixed :-((

In the case of encrypted messages, it allows the sender to be sure that
no-one intercepting the message can know if any attachments are present
and what types of attachments there are. It allows encryption of
arbitrarily complex messages.

> can not save message to disk and decrypt

the decryption is easy; but you will be left with a MIME message which
will need to be interpreted (by munpack etc) which is a barrier. Best
thing is to encourage PGP/MIME support in MUAs.

> and/or verify later outside MUA,

verify is easy if the message source is available.

> some virus checking software removes attachments,

some virus checking software removes/quarantines _all_ PGP encrypted
material.

> does not work with many mailing lists (that are configured to remove
> attachments),

Best thing is to encourage PGP/MIME support in mailing-lists.

[[ Actually, best thing is to encourage MIME support in mailing lists
(some lists append text material to the end of messages - which in the
case of multipart/* messages gets hidden by MIME MUAs!) ]]

> does not work with newsgroups.

have a look at alt.security.pgp and see how much PGP clear-signed
material is quoted/requoted etc. Many messages consist mainly of
redundant fragments of quoted ascii-armor. This seems to me to be a
serious barrier to the routine use of PGP in newsgroups/mailing-lists.

How about the opposite contention:

"Clear-signed messages are evil"

    The ascii-armor is intrusive, so that the use of PGP is restricted
    to arenas where people will put up with such material "in their
    faces".

    The ascii-armor breaks the UseNet signature convention ("-- "
    becomes "- -- "): another barrier to routine use of PGP in UseNet.

    Clear signing is often done "behind the MUA's back" - leading to
    wrapping problems (how many users have to be told how to balance the
    wrapping action of their MUAs against the wrapping action of their
    PGP settings?)

    Clear-signing starts breaking when messages are not simple us-ascii
    and can't be used to properly secure messages with attachments.

    [As an example of the first case, I will clear sign this message via
    the clipboard. The signature will fail, because the '€' character
    will be signed by PGP as a Windows-1252 character (which is what the
    clipboard will contain), but my MUA will send it utf-8.]

In practice, clear-signing can be made to interoperate for simple
us-ascii messages, and PGP/MIME support is indeed patchy, but I hope
PGP/MIME support does grow because of its inherent advantages.

And if it doesn't, the "world's most popular clients" can still sign and
encrypt arbitrary MIME messages securely - they include seamless S/MIME
support.

- --
Ian Bell                                           T U R N P I K E

-----BEGIN PGP SIGNATURE-----
Version: PGP 7.1

iQA/AwUBPGpO573aNYn/fmK7EQL3YACfTxQv/5/eL2F+i33MIvIQMkNwONAAn26A
QNdP0tJK59utXegMPXCjcwT7
=bSLW
-----END PGP SIGNATURE-----
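
The two clear-signing failure modes named in the message above (the "-- " separator turning into "- -- ", and a '€' signed as Windows-1252 but sent as utf-8), shown as an added example that is not part of the original message or of any PGP implementation. The function names and the sample body are constructed for illustration; SHA-256 stands in for whatever hash the signer uses, and the signature trailer that a real OpenPGP signature also hashes is left out.

```python
import hashlib

SIG_DELIM = "-- "  # Usenet signature separator: dash, dash, space


def dash_escape(text: str) -> str:
    """Prefix '- ' to every line that starts with '-' (RFC 4880, section 7.1)."""
    return "\n".join("- " + ln if ln.startswith("-") else ln
                     for ln in text.split("\n"))


def has_sig_delimiter(text: str) -> bool:
    """True if a news/mail client would still find a '-- ' separator line."""
    return SIG_DELIM in text.split("\n")


def signed_bytes(text: str, charset: str) -> bytes:
    """Octets fed to the hash: trailing blanks stripped, CRLF line ends."""
    lines = [ln.rstrip(" \t") for ln in text.split("\n")]
    return "\r\n".join(lines).encode(charset)


def body_digest(text: str, charset: str) -> str:
    # Simplification: a real signature also hashes a signature trailer;
    # the body octets are the part that changes with the charset.
    return hashlib.sha256(signed_bytes(text, charset)).hexdigest()


def survives_transit(text: str, signer_cs: str, wire_cs: str) -> bool:
    """Does the signer's digest match the one the verifier recomputes?"""
    return body_digest(text, signer_cs) == body_digest(text, wire_cs)


# Constructed sample body, not the text of the message above.
BODY = "Price is 5 \u20ac\n-- \nSample Signer"

if __name__ == "__main__":
    print(repr(dash_escape(BODY)))
    print("delimiter before escaping:", has_sig_delimiter(BODY))
    print("delimiter after escaping: ", has_sig_delimiter(dash_escape(BODY)))
    print("cp1252 -> utf-8 verifies: ",
          survives_transit(BODY, "cp1252", "utf-8"))
    print("ascii-only verifies:      ",
          survives_transit("plain text", "cp1252", "utf-8"))
```

The '€' is one octet (0x80) in Windows-1252 and three (0xE2 0x82 0xAC) in utf-8, so the verifier hashes different bytes from the ones that were signed, while a pure us-ascii body encodes identically in both and is unaffected.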
