In our last episode ("Re: Dash-escaping and the Usenet sig convention",
shown on 12/12/00), Werner Koch said:
The preferred way to encapsulate OpenPGP messages in mail is by using
MIME as defined in RFC2015. No need for the old fashioned cleartext
signing.
I disagree completely. The correct way to encapsulate messages is with
cleartext. I often delete PGP-MIME messages without reading them because
it's such a pain to deal with them. I commonly use five different mail
readers on four different OSes, and none of them do PGP-MIME reliably.
That's Eudora on Mac and Windows, Outlook on Windows, Netscape and Pine on
Linux and OSX. The biggest pain is on Windows, where it's hard to scrape up
the attachment to put it in a text editor.
The question is, how do openPGP clients cope with such messages and what
It is a matter of the MUA to handle this right. Mutt for example
does remove the dash escaping even when it does not verify the
signature.
I agree that this is a MUA and newsreader issue. They should parse out the
quoting. The dash-escape may be ugly, but it's been a part of PGP since day
2, if not day 1.
Jon