Re: OT: Email signing
- From: "Michael H. Warfield" <mhw@xxxxxxxxxxxx>
- Date: Tue, 31 Jan 2006 15:43:37 -0500
I guess it would have helped if I had actually flipped the S/MIME bit
BEFORE hitting send. The previous message did not have the S/MIME
signature. This one should. :-( I doubled checked it this time...
Mike
On Tue, 2006-01-31 at 15:32 -0500, Michael H. Warfield wrote:
> On Tue, 2006-01-31 at 23:47 +1030, Tim wrote:
> > On Mon, 2006-01-30 at 23:36 -0600, Arthur Pemberton wrote:
> > > 1) Can I do both SMIME and PGP in my emails?
>
> > I wouldn't think so. A signature is added to a message as confirmation
> > that the message hasn't been tampered with, therefore its based on the
> > message contents.
>
> > Conjecture, because adding a signature adds to the contents: If you
> > were to add one then the other, the first signature would try to
> > proclaim the message to be okay. The second signature added would try
> > to proclaim the message with the first signature, in combination, to be
> > okay. But adding the second signature changed the message, so anyone
> > trying only to use the first signature (because that's all that their
> > client supported) would see the message had been changed (by the second
> > signature).
>
> This message should be signed by both S/MIME and PGP, so, yes, it's
> "possible". In this case, the signatures do nest in a nested multipart
> MIME hierarchy. The message body is encoded quoted-printable in one
> MIME part. The encoded part is then signed and the signature is in
> another MIME part. That assemblage is nested in another MIME part which
> is then S/MIME signed and that forms another MIME part.
>
> Message ----
> Mime S ----
> Mime P ----
> Body
> Mime P ----
> GPG signature on Body
> Mime P ----
> Mime S ----
> S/Mime Signature on Mime P
> Mime S ----
> Message ----
>
> Now, why anyone would want to do this, I don't know. But it obviously
> is possible and Evolution will, obviously, do it. In theory, this
> should work. No guarantees about any and all clients being able to read
> and verify it, however. Evolution certainly handles it. I've seen
> enough compatibility problems between varying clients just withing pure
> PGP/GPG and within pure S/MIME to have any expectations here.
>
> My S/MIME certificate is signed by the CACert.org, <www.cacert.org>,
> root certificate. Maybe we'll see who can verify either with what...
>
> Mike
> --
> fedora-list mailing list
> fedora-list@xxxxxxxxxx
> To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
--
Michael H. Warfield (AI4NB) | (770) 985-6132 | mhw@xxxxxxxxxxxx
/\/\|=mhw=|\/\/ | (678) 463-0932 | http://www.wittsend.com/mhw/
NIC whois: MHW9 | An optimist believes we live in the best of all
PGP Key: 0xDF1DD471 | possible worlds. A pessimist is sure of it!
Attachment:signature.asc
Description: This is a digitally signed message part
Attachment:
smime.p7s
Description: S/MIME cryptographic signature
-- fedora-list mailing list fedora-list@xxxxxxxxxx To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
- Follow-Ups:
- Re: OT: Email signing
- From: Gordon Messmer
- Re: OT: Email signing
- From: Anne Wilson
- Re: OT: Email signing
- From: Michael Yep
- Re: OT: Email signing
- References:
- OT: Email signing
- From: Arthur Pemberton
- Re: OT: Email signing
- From: Gordon Messmer
- Re: OT: Email signing
- From: Arthur Pemberton
- Re: OT: Email signing
- From: Tim
- Re: OT: Email signing
- From: Michael H. Warfield
- OT: Email signing
- Prev by Date: Questions about dump
- Next by Date: Re: OT: Email signing
- Previous by thread: Re: OT: Email signing
- Next by thread: Re: OT: Email signing
- Index(es):
Relevant Pages
|
