ietf-openpgp
RE: Secure mailing list service using OpenPGP

1999-01-27 22:58:22
I wrote:
> One problem in this implementation is authentication of the original
> message sender. The server removes original sender's signature attached
> to an encrypted message when replacing an original message with the
> re-encrypted message. This is because PGP decrypt program, pgpv, strips
> the signature when it decrypts the message.

Many people advised me about this issue. Thanks, everyone.
I think that the best way is modifying pgpv to stop the decryption process
after finding an encrypted message and re-encrypting the message with the
original signature.

Is this modification easy?

Another problem is conformance to the OpenPGP/MIME specification proposed by
K. Yamamoto [OpenPGP/MIME]. For example, if an original message is using the
'Encrypted-then-Signed' service, the current implementation replaces the
inner multipart/encrypted MIME object and this makes it impossible to verify
the signature in the outer multipart/signed MIME object.

I think that this issue requires defining standard processes for this kind of
mailing list agent.
I mean, for example, if a signed-then-encrypted message is posted to a
mailing list, the mailing list agent should decrypt and re-encrypt to the
members, then the agent may sign it. Or, if an encrypted-then-signed
message is posted, the agent can eliminate the signature and decrypt and
re-encrypt, and so on.

In S/MIME, an I-Draft, "Enhanced Security Services for S/MIME", describes
secure mailing list services and defines the standard process of mailing
list agents. We need definitions like it for OpenPGP, don't we?

--hiro
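
An added illustration (not part of the original post and not code from any OpenPGP implementation) of the encrypted-then-signed case described above: when a list agent swaps the inner multipart/encrypted object, the outer multipart/signed signature no longer matches. A SHA-256 digest stands in for a real OpenPGP signature, and all function names, MIME boundaries and ciphertext bytes are constructed for the example.

```python
import hashlib
from email.mime.application import MIMEApplication
from email.mime.multipart import MIMEMultipart

def encrypted_part(ciphertext: bytes) -> MIMEMultipart:
    """multipart/encrypted object; the ciphertext is a constructed placeholder."""
    enc = MIMEMultipart("encrypted", boundary="inner",
                        protocol="application/pgp-encrypted")
    enc.attach(MIMEApplication(b"Version: 1\n", "pgp-encrypted"))
    enc.attach(MIMEApplication(ciphertext, "octet-stream"))
    return enc

def signed_digest(part) -> bytes:
    """Stand-in for an OpenPGP signature: SHA-256 over the serialized signed part."""
    return hashlib.sha256(part.as_bytes()).hexdigest().encode()

def wrap_signed(body, signature: bytes) -> MIMEMultipart:
    """multipart/signed object carrying `body` and a detached signature part."""
    msg = MIMEMultipart("signed", boundary="outer", micalg="pgp-sha1",
                        protocol="application/pgp-signature")
    msg.attach(body)
    msg.attach(MIMEApplication(signature, "pgp-signature"))
    return msg

def classify(msg) -> str:
    """Layering an agent can see without decrypting anything."""
    ctype = msg.get_content_type()
    if ctype == "multipart/signed":
        inner = msg.get_payload(0).get_content_type()
        return "encrypted-then-signed" if inner == "multipart/encrypted" else "signed"
    return "encrypted" if ctype == "multipart/encrypted" else "plain"

def verify(msg) -> bool:
    """Recompute the digest of the signed part and compare with the signature part."""
    body, sig = msg.get_payload()
    return signed_digest(body) == sig.get_payload(decode=True)

def agent_replace_inner(msg, list_ciphertext: bytes) -> MIMEMultipart:
    """The behaviour described in the post: swap the inner object, keep the signature."""
    old_sig = msg.get_payload(1).get_payload(decode=True)
    return wrap_signed(encrypted_part(list_ciphertext), old_sig)

if __name__ == "__main__":
    inner = encrypted_part(b"constructed ciphertext for the list key")
    posted = wrap_signed(inner, signed_digest(inner))
    relayed = agent_replace_inner(posted, b"constructed ciphertext for the members")
    for name, m in (("posted", posted), ("relayed", relayed)):
        print(name, classify(m), "signature ok" if verify(m) else "signature broken")
```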