Karl Kashofer writes:
We have Comment: and Hash: lines inside the PGP markers, why cant we
have Subject: ?
I think this is a shortcoming of PGP email encryption and should be
fixed, dont you ?
The problem is that we do sort of have a solution to this already, which
Werner described: use PGP/MIME. MIME allows for embedding one email
message inside another, and the MIME security extensions, including
PGP/MIME, show how to encrypt such an embedded message.
The problem is that almost no mailers support this. Few enough even
support PGP/MIME, and then they would also have to be smart enough to
figure out what to do with an embedded email message. Replacing the
enclosing message's headers with those from the embedded message is not
an obvious thing to do.
Your solution is simpler but it would still require implementation
in the mailers. They would have to decrypt the message and then move
the data from this new Subject: header up to the outer mail headers.
This requires tight integration between the mail agent and the encryption
layer of a type which generally does not exist today.
Instead of rewriting mail agents to do this, it would probably be more
productive to work to get wider general support for PGP/MIME, along with
support for embedding email messages to protect the headers.
Hal Finney