OT: Email signing

Michael H. Warfield mhw at WittsEnd.com
Tue Jan 31 15:58:42 UTC 2006


On Tue, 2006-01-31 at 23:47 +1030, Tim wrote:
> On Mon, 2006-01-30 at 23:36 -0600, Arthur Pemberton wrote:
> > 1) Can I do both SMIME and PGP in my emails?
> 
> I wouldn't think so.  A signature is added to a message as confirmation
> that the message hasn't been tampered with, therefore it's based on the
> message contents.

> Conjecture, because adding a signature adds to the contents:  If you
> were to add one then the other, the first signature would try to
> proclaim the message to be okay.  The second signature added would try
> to proclaim the message with the first signature, in combination, to be
> okay.  But adding the second signature changed the message, so anyone
> trying only to use the first signature (because that's all that their
> client supported) would see the message had been changed (by the second
> signature).

	In theory, it should be possible with S/MIME and PGP/MIME (OpenPGP).
In each case, the signature is a separate MIME attachment which signs
the encoded MIME part (I'm in a big discussion over on MailScanner over
busted signatures because they are rewriting and re-encoding the MIME
messages when "Sign Clean Messages" is enabled).  In practice, I don't
know of anyone who is doing it or any software which has that
capability.  I may try it myself and see what Evolution does with it.  I
don't have an S/MIME cert installed yet but Evolution allows you to
select both "PGP Sign" and "S/MIME" sign together.  I don't know what it
does with it when you do that.  Verification should be amusing as well.

	Mike
-- 
Michael H. Warfield (AI4NB) | (770) 985-6132 |  mhw at WittsEnd.com
   /\/\|=mhw=|\/\/          | (678) 463-0932 |  http://www.wittsend.com/mhw/
   NIC whois: MHW9          | An optimist believes we live in the best of all
 PGP Key: 0xDF1DD471        | possible worlds.  A pessimist is sure of it!
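
Added example (not part of the original post, and not code from MailScanner or Evolution): a Python model of the layout described above, with a PGP/MIME multipart/signed layer nested inside an S/MIME one, each detached signature covering the exact encoded bytes of the part it wraps. Assumptions: a SHA-256 digest stands in for the real PGP or CMS signature, the boundary names and sample text are constructed, and parameters such as micalg are omitted.

```python
import base64, hashlib, hmac, quopri

CRLF = b"\r\n"
TEXT = "Signed with two schemes: café"  # constructed sample body

def text_part(text: str, cte: str) -> bytes:
    """Encode a text/plain MIME part with the given Content-Transfer-Encoding."""
    raw = text.encode("utf-8")
    body = quopri.encodestring(raw) if cte == "quoted-printable" else base64.b64encode(raw)
    return CRLF.join([b"Content-Type: text/plain; charset=utf-8",
                      b"Content-Transfer-Encoding: " + cte.encode(), b"", body.strip()])

def sign_part(part: bytes, sig_type: str, boundary: str) -> bytes:
    """Wrap an already-encoded part in multipart/signed (RFC 1847 layout).
    Stand-in: a SHA-256 digest of the part's bytes replaces the PGP/CMS signature."""
    b, t = boundary.encode(), sig_type.encode()
    digest = hashlib.sha256(part).hexdigest().encode()
    head = b'Content-Type: multipart/signed; protocol="' + t + b'"; boundary="' + b + b'"'
    return CRLF.join([head, b"", b"--" + b, part,
                      b"--" + b, b"Content-Type: " + t, b"", digest,
                      b"--" + b + b"--", b""])

def split_signed(entity: bytes, boundary: str):
    """Return (signed_part_bytes, claimed_digest) from a multipart/signed entity."""
    _, part, sig, _ = entity.split(CRLF + b"--" + boundary.encode())
    return part[len(CRLF):], sig.split(CRLF + CRLF, 1)[1]

def verify(entity: bytes, boundary: str) -> bool:
    """Recompute the digest over the exact bytes of the first part."""
    part, claimed = split_signed(entity, boundary)
    return hmac.compare_digest(hashlib.sha256(part).hexdigest().encode(), claimed)

def build_double_signed() -> bytes:
    """Inner PGP/MIME layer; outer S/MIME layer signs the whole inner entity."""
    inner = sign_part(text_part(TEXT, "quoted-printable"),
                      "application/pgp-signature", "inner-pgp")
    return sign_part(inner, "application/pkcs7-signature", "outer-smime")

def reencode(entity: bytes) -> bytes:
    """Model a gateway that rewrites the text part as base64 (same decoded text)."""
    return entity.replace(text_part(TEXT, "quoted-printable"), text_part(TEXT, "base64"))

if __name__ == "__main__":
    msg = build_double_signed()
    inner, _ = split_signed(msg, "outer-smime")
    print("intact   :", verify(msg, "outer-smime"), verify(inner, "inner-pgp"))
    bad = reencode(msg)
    bad_inner, _ = split_signed(bad, "outer-smime")
    print("re-coded :", verify(bad, "outer-smime"), verify(bad_inner, "inner-pgp"))
```

In this model the outer layer leaves the inner signed bytes untouched, so both layers check out on the intact message, while re-encoding the text part invalidates both even though the decoded text is unchanged.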
