ietf-openpgp
[Top] [All Lists]

Re: [Chris Newman] COMMENT: draft-ietf-openpgp-rfc2440bis

2007-05-04 13:51:07
On Fri, May 04, 2007 at 02:53:21PM -0400, Sam Hartman wrote:

Do people in the working group support making the change Chris
proposes?  It is unlikely to be required by the IESG and is unlikely
to delay the document either way.  The question is whether people
believe that it would make the document better.

I definitely do agree with Chris that using traditional PGP clearsigned
messages in email is harmful in so many ways. I have actually encountered the
scenario that he describes as hypothetical several times (even in a corporate
setting).

I am fully supportive of the change (and even the recommended wording).

Also, I would like to mention that together with Janis Schuller, we have
devised a very nice way of interoperating between environments which do
support multipart mime and those that do not. Please take a look at this
document:
http://redcent.h1101990.serverkompetenz.net/0000000000000095

It is a Section 7-style clearsigned document, but it can be converted into
an rfc3156-style signed document without using the private key (actually,
just using a text editor).

Note: Squatting the text/plain.epoint.* mime-type namespace was not a nice
thing to do, but that is not the point.

Cheers,

-- 
Daniel

Attachment: signature.asc
Description: Digital signature