I'm completely torn here; yes, we absolutely should do the "right"
thing and encourage the use of multipart/encrypted. But I think
that it's technically a lot easier to send a text/plain that just
contains an ASCII-armoured PGP blob. Also, we can't actually handle
multipart/encrypted ourselves.
Dealing with encode and decode are two distinct problems.
I thought a bit more about sign/encrypt after I sent that message yesterday,
and it seems that it should be possible to put together a script that can be
invoked at the what now prompt to handle the PGP (or S/MIME)
signature/encryption steps, and do the required MIME massaging of the message.
This is how (al)pine handles PGP.
The receive side is a bit trickier. When a multipart/encrypted is spotted, we
need to loop that part out to an external process that would handle the
decryption and return the underlying content.
As long as we can dispatch based on the 'protocol' parameter, MH itself can
remain completely agnostic with respect to the encryption method. I'm pretty
sure we have all the logic required to specify this, so the real work is in
adding the code to pipe the multipart/encrypted part through the external
process and insert the decoded result.
--lyndon
signature.asc
Description: Message signed with OpenPGP using GPGMail
_______________________________________________
Nmh-workers mailing list
Nmh-workers(_at_)nongnu(_dot_)org
https://lists.nongnu.org/mailman/listinfo/nmh-workers