Re: OT: Email signing

On Tue, 2006-01-31 at 23:47 +1030, Tim wrote:
> On Mon, 2006-01-30 at 23:36 -0600, Arthur Pemberton wrote:
> > 1) Can I do both SMIME and PGP in my emails?
>
> I wouldn't think so. A signature is added to a message as confirmation
> that the message hasn't been tampered with, therefore its based on the
> message contents.

> Conjecture, because adding a signature adds to the contents: If you
> were to add one then the other, the first signature would try to
> proclaim the message to be okay. The second signature added would try
> to proclaim the message with the first signature, in combination, to be
> okay. But adding the second signature changed the message, so anyone
> trying only to use the first signature (because that's all that their
> client supported) would see the message had been changed (by the second
> signature).

In theory, it should be possible with S/MIME and PGP/MIME (OpenPGP).
In each case, the signature is a separate Mime attachment which signs
the encoded Mime part (I'm in a big discussion over on MailScanner over
busted signatures because they are rewriting and re-encoding the Mime
messages when "Sign Clean Messages" is enabled). In practice, I don't
know of anyone who is doing it or any software which has that
capability. I may try it myself and see what Evolution does with it. I
don't have an S/Mime cert installed yet but Evolution allows you to
select both "PGP Sign" and "S/MIME" sign together. I don't know what it
does with it when you do that. Verification should be amusing as well.

Mike
--
Michael H. Warfield (AI4NB) | (770) 985-6132 | mhw@xxxxxxxxxxxx
/\/\|=mhw=|\/\/ | (678) 463-0932 | http://www.wittsend.com/mhw/
NIC whois: MHW9 | An optimist believes we live in the best of all
PGP Key: 0xDF1DD471 | possible worlds. A pessimist is sure of it!

Attachment:signature.asc
Description: This is a digitally signed message part

-- 
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list

Relevant Pages

  • Re: Mailing list message stats for October 2004
    ... > Total messages 6262 ... It's to do with the way the list software works, and, I suspect, how the ... signature to a plain text e-mail. ... You should understand that with these e-mails (sent using the MIME, ...
    (Fedora)
  • Re: OT: Email signing
    ... A signature is added to a message as confirmation ... >>MIME hierarchy. ... Michael Yep ...
    (Fedora)
  • Re: qmail and signatures
    ... You can't just tack the signature on the ... bottom because it breaks all the mime encoding. ... Colin Campbell ...
    (freebsd-isp)
  • Re: Swap test?
    ... http://www.faqs.org/rfcs/rfc1521.html talks about MIME. ... The RFC's for Usenet state clearly that a signature is dash, dash, ... How do you ask a man to be the last man to die in Iraq? ...
    (alt.os.linux.suse)
  • Re: OT: Email signing
    ... A signature is added to a message as confirmation ... But adding the second signature changed the message, ... MIME hierarchy. ... No guarantees about any and all clients being able to read ...
    (Fedora)