OT: Email signing
Michael H. Warfield
mhw at WittsEnd.com
Tue Jan 31 15:58:42 UTC 2006
On Tue, 2006-01-31 at 23:47 +1030, Tim wrote:
> On Mon, 2006-01-30 at 23:36 -0600, Arthur Pemberton wrote:
> > 1) Can I do both SMIME and PGP in my emails?
>
> I wouldn't think so. A signature is added to a message as confirmation
> that the message hasn't been tampered with, therefore its based on the
> message contents.
> Conjecture, because adding a signature adds to the contents: If you
> were to add one then the other, the first signature would try to
> proclaim the message to be okay. The second signature added would try
> to proclaim the message with the first signature, in combination, to be
> okay. But adding the second signature changed the message, so anyone
> trying only to use the first signature (because that's all that their
> client supported) would see the message had been changed (by the second
> signature).
In theory, it should be possible with S/MIME and PGP/MIME (OpenPGP).
In each case, the signature is a separate Mime attachment which signs
the encoded Mime part (I'm in a big discussion over on MailScanner over
busted signatures because they are rewriting and re-encoding the Mime
messages when "Sign Clean Messages" is enabled). In practice, I don't
know of anyone who is doing it or any software which has that
capability. I may try it myself and see what Evolution does with it. I
don't have an S/Mime cert installed yet but Evolution allows you to
select both "PGP Sign" and "S/MIME" sign together. I don't know what it
does with it when you do that. Verification should be amusing as well.
Mike
--
Michael H. Warfield (AI4NB) | (770) 985-6132 | mhw at WittsEnd.com
/\/\|=mhw=|\/\/ | (678) 463-0932 | http://www.wittsend.com/mhw/
NIC whois: MHW9 | An optimist believes we live in the best of all
PGP Key: 0xDF1DD471 | possible worlds. A pessimist is sure of it!
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 307 bytes
Desc: This is a digitally signed message part
URL: <http://listman.redhat.com/archives/fedora-list/attachments/20060131/25f45694/attachment-0001.sig>
More information about the fedora-list
mailing list