Re: OT: Email signing

On Tue, 2006-01-31 at 23:47 +1030, Tim wrote:
> On Mon, 2006-01-30 at 23:36 -0600, Arthur Pemberton wrote:
> > 1) Can I do both SMIME and PGP in my emails?

> I wouldn't think so. A signature is added to a message as confirmation
> that the message hasn't been tampered with, therefore its based on the
> message contents.

> Conjecture, because adding a signature adds to the contents: If you
> were to add one then the other, the first signature would try to
> proclaim the message to be okay. The second signature added would try
> to proclaim the message with the first signature, in combination, to be
> okay. But adding the second signature changed the message, so anyone
> trying only to use the first signature (because that's all that their
> client supported) would see the message had been changed (by the second
> signature).

This message should be signed by both S/MIME and PGP, so, yes, it's
"possible". In this case, the signatures do nest in a nested multipart
MIME hierarchy. The message body is encoded quoted-printable in one
MIME part. The encoded part is then signed and the signature is in
another MIME part. That assemblage is nested in another MIME part which
is then S/MIME signed and that forms another MIME part.

Message ----
Mime S ----
Mime P ----
Body
Mime P ----
GPG signature on Body
Mime P ----
Mime S ----
S/Mime Signature on Mime P
Mime S ----
Message ----

Now, why anyone would want to do this, I don't know. But it obviously
is possible and Evolution will, obviously, do it. In theory, this
should work. No guarantees about any and all clients being able to read
and verify it, however. Evolution certainly handles it. I've seen
enough compatibility problems between varying clients just withing pure
PGP/GPG and within pure S/MIME to have any expectations here.

My S/MIME certificate is signed by the CACert.org, <www.cacert.org>,
root certificate. Maybe we'll see who can verify either with what...

Mike
--
Michael H. Warfield (AI4NB) | (770) 985-6132 | mhw@xxxxxxxxxxxx
/\/\|=mhw=|\/\/ | (678) 463-0932 | http://www.wittsend.com/mhw/
NIC whois: MHW9 | An optimist believes we live in the best of all
PGP Key: 0xDF1DD471 | possible worlds. A pessimist is sure of it!

Attachment:signature.asc
Description: This is a digitally signed message part

-- 
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list

Relevant Pages

  • Re: Mailing list message stats for October 2004
    ... > Total messages 6262 ... It's to do with the way the list software works, and, I suspect, how the ... signature to a plain text e-mail. ... You should understand that with these e-mails (sent using the MIME, ...
    (Fedora)
  • Re: OT: Email signing
    ... A signature is added to a message as confirmation ... >>MIME hierarchy. ... Michael Yep ...
    (Fedora)
  • Re: qmail and signatures
    ... You can't just tack the signature on the ... bottom because it breaks all the mime encoding. ... Colin Campbell ...
    (freebsd-isp)
  • Re: Swap test?
    ... http://www.faqs.org/rfcs/rfc1521.html talks about MIME. ... The RFC's for Usenet state clearly that a signature is dash, dash, ... How do you ask a man to be the last man to die in Iraq? ...
    (alt.os.linux.suse)
  • Re: OT: Email signing
    ... The previous message did not have the S/MIME ... A signature is added to a message as confirmation ... > MIME hierarchy. ... No guarantees about any and all clients being able to read ...
    (Fedora)