Re: Kmail problems with signed attachments
On Thu, Apr 10, 2003 at 07:30:20PM +0200, Mika Fischer wrote:
>
> I guess you mean: that kmail puts the CRs in for signing is good, but
> that it removes them again before sending is not :)
Mmh... Now that you say it, I should review it a bit. Probably Python's
SMTP module is CR'cing the message before sending it. I'll tell you...
> I can live with that. But as it is now, every signd mail with an
> attachment will have its signature damaged even before it leaves
> kmail...
>
> But anyway can you tell me which RFC you're referring to? In 1847 I
> couldn't find anything like that...
RFC 2015: MIME Security with Pretty Good Privacy (PGP)
Quote:
When the PGP digital signature is generated:
(1) The data to be signed must first be converted to its
type/subtype specific canonical form. For text/plain, this
means conversion to an appropriate character set and conversion
of line endings to the canonical <CR><LF> sequence.
(2) An appropriate Content-Transfer-Encoding is then applied. Each
line of the encoded data MUST end with the canonical <CR><LF>
sequence.
(3) MIME content headers are then added to the body, each ending
with the canonical <CR><LF> sequence.
(4) As described in [1], the digital signature MUST be calculated
over both the data to be signed and its set of content headers.
(5) The signature MUST be generated detached from the signed data
so that the process does not alter the signed data in any way.
...
[1] Galvin, J., Murphy, G., Crocker, S., and N. Freed, "Security
Multiparts for MIME: Multipart/Signed and Multipart/Encrypted",
RFC 1847, October 1995.
> And, as a side note: mutt puts no CRs in... :)
>
> Cheers,
> Mika
Reply to: