Am 22.05.19 09:40 schrieb(en) Daniel Kahn Gillmor:
I've just published a new draft that aims to collect examples of these
manglings, and recommendations about sensible ways to handle them safely if you
encounter them:
This will be very helpful IMHO!
If you have any examples of mangled messages sitting around -- in your
implementation's test suite, in your pile of bugs-to-be-reported, please think
of this draft as a place to collect them, as well as a place to document how to
most effectively work around these failures as they are encountered by a
friendly MUA.
For multipart/signed, the signature may be broken by MTA (and POP3) transactions if any line
in the data stream starts with a period (“.”, ASCII 0x2e) character. In this
case, RFC 5321, Sect. 4.5.2 and RFC 1939, Sect. 3, require that the period is doubled for the
transmission, which the receiving party shall remove. If it fails to do so, obviously the
signature is broken. The workaround is to just remove the extra period.
Actually, a message I sent to this list (<https://mailarchive.ietf.org/arch/msg/openpgp/SKclvRGw9kan13GSsP66NlHHKEc>)
reached my mailbox with /exactly/ this error – in the line containing “[…]RFC 3156, sect. 5 states
that[…]” the period has been doubled. I verified with some test messages that neither my provider's MTA nor my
POP client produces the issue…
Best,
Albrecht.
pgp5iHHG1npb6.pgp
Description: PGP signature
_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp