From jmoore3rd at bellsouth.net  Mon Sep  7 10:01:46 2009
From: jmoore3rd at bellsouth.net (John W. Moore III)
Date: Mon, 07 Sep 2009 13:01:46 -0400
Subject: [Enigmail] [Fwd: strange behavior/maybe a critical bug?]
In-Reply-To: <4AA5398E.60503@sixdemonbag.org>
References: <4AA5398E.60503@sixdemonbag.org>
Message-ID: <4AA53C7A.8080009@bellsouth.net>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Robert J. Hansen wrote:
> The forwarded message is an Enigmail problem report which was posted to
> GnuPG-Users.  There is no cause for concern or panic right now: user
> error seems to be the most likely cause.  I suspect the user failed to
> use PGP/MIME, which meant the attachment was transmitted in the clear.

Even if PGP/MIME was used; Enigmail had already 'decrypted' it when the
User chose to 'Save' it to the Desktop.

> That said, we take all problem reports seriously.  We are looking into
> this matter, and if there turns out to be anything wrong with Enigmail
> we will certainly let people know.

Of course!

JOHN ;)
Timestamp: Monday 07 Sep 2009, 13:01  --400 (Eastern Daylight Time)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (MingW32)
Comment: Public Key at:  http://tinyurl.com/8cpho
Comment: Gossamer Spider Web of Trust: http://www.gswot.org
Comment: Personal Web Page:  http://tinyurl.com/yzhbhx

iQEcBAEBCgAGBQJKpTx2AAoJEBCGy9eAtCsPhgIH/AkBKKCQ3RVVLhAV5Lswk+yR
LHrAqerSij3ue9eqBnxgt4mUgOP0yquggMZclqXSkOt0DqgH+e9eEEYE05srfuNv
Z/6uDVNgfAoEYIS6Xea0qtGRdDAFQSHeai8b+MYgrwvK9o+zDJFAZpfHCzWBXTYO
7955uO4x+OKJl7FkLLSCmJiHdNLu9qK5H1ASxm1+iVG80OnogacqCKk748IPMIWm
qOooDAtBOXgLZ6g24Dw3mKYABP37DIAQ8lbwxzQBqGx2PcE5vG+qonmeGwojssRG
L6Sb4v3y/Dw29DgtLyBdnJoxUA4GngqmsFmKF+oHCjUum00SuNVP2DH9laCW6ls=
=gNhV
-----END PGP SIGNATURE-----

From alaric at metrocast.net  Mon Sep  7 10:08:00 2009
From: alaric at metrocast.net (Phil Stracchino)
Date: Mon, 07 Sep 2009 13:08:00 -0400
Subject: [Enigmail] [Fwd: strange behavior/maybe a critical bug?]
In-Reply-To: <4AA5398E.60503@sixdemonbag.org>
References: <4AA5398E.60503@sixdemonbag.org>
Message-ID: <4AA53DF0.6070602@metrocast.net>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Robert J. Hansen wrote:
> The forwarded message is an Enigmail problem report which was posted to
> GnuPG-Users.  There is no cause for concern or panic right now: user
> error seems to be the most likely cause.  I suspect the user failed to
> use PGP/MIME, which meant the attachment was transmitted in the clear.
> 
> That said, we take all problem reports seriously.  We are looking into
> this matter, and if there turns out to be anything wrong with Enigmail
> we will certainly let people know.
> 
> 
> 	-- Rob, writing for the team
> 
> 
> 
> 
> 
> 
> -------- Original Message --------
> Subject: strange behavior/maybe a critical bug?
> Date: Mon, 7 Sep 2009 15:53:06 +0200 (CEST)
> From: wittau at lnxnt.org
> To: gnupg-devel at gnupg.org
> 
> Hello everyone,
> 
> I?m not a developer but I encountered a strange behavior regarding gpg
> encrypted messages. Maybe I discovered a critical bug, maybe I?m
> absolutely wrong. I try to be as precise as possible.
> 
> The situation was an Enigmail installation at a USB-Stick for Windows,
> with encrypted mails. We tried to find a possibility for decrypting some
> .pdf files at MacOS 9 from this USB-Stick. So we searched about the
> right mails in the text-files, and copied the encrypted code to a text
> file. At BBEdit I added the lines "----- begin pgp message -----" and
> "------ end pgpg message -----" to the encrypted text.


Is this an exact copy or a typo in the message?  Because if so, it would
appear PGP decrypted the message body successfully and then, at the last
moment before returning, errored out on the invalid 'end' message
('pgpg' vs. 'pgp'), leaving the plaintext on the desktop.  If this is
the case, it could definitely be argued that this is a bug in PGP6; it
should probably verify the armoring end-to-end before it actually begins
to decrypt anything.


> Than I installed PGP 6.0 at my Mac G3 and imported the private key.
> After importing, I went to PGP-Tools and "decrypt/veryfy" and selected
> the textfile for decryption.
> 
> PGP 6 produces an error and tells me:
>  "the file "xy" could not be decrypted/verified because an error
> occured: ascii armor input incomplete."
> 
> BUT - PGP produces an file at my desktop! After renaming this file "xy"
> to "xy.pdf" I can read the pdf without any password!
> 
> That behavior is reproduceable!
> It?s possible to read every encrypted attachements from enigmail without
> the need of an password, ...

By going through the entire procedure detailed here?  If no password is
requested at any point during the process you describe, would I be right
in guessing the private key in question has no password on it?



- --
  Phil Stracchino, CDK#2     DoD#299792458     ICBM: 43.5607, -71.355
  alaric at caerllewys.net   alaric at metrocast.net   phil at co.ordinate.org
         Renaissance Man, Unix ronin, Perl hacker, Free Stater
                 It's not the years, it's the mileage.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEAREIAAYFAkqlPe8ACgkQ0DfOju+hMkksCACcCGkGFEFgQgvQl1iJV1Tjd7XP
2/EAn1S3DH5zQ29qsKa6JGqXR/OZ7AbH
=+DiJ
-----END PGP SIGNATURE-----

From John at Mozilla-Enigmail.org  Mon Sep  7 10:59:18 2009
From: John at Mozilla-Enigmail.org (John Clizbe)
Date: Mon, 07 Sep 2009 12:59:18 -0500
Subject: [Enigmail] [Fwd: strange behavior/maybe a critical bug?]
In-Reply-To: <4AA5398E.60503@sixdemonbag.org>
References: <4AA5398E.60503@sixdemonbag.org>
Message-ID: <4AA549F6.1000904@Mozilla-Enigmail.org>

Robert J. Hansen wrote:
> The forwarded message is an Enigmail problem report which was posted to
> GnuPG-Users.  There is no cause for concern or panic right now: user
> error seems to be the most likely cause.  I suspect the user failed to
> use PGP/MIME, which meant the attachment was transmitted in the clear.
> 
> That said, we take all problem reports seriously.  We are looking into
> this matter, and if there turns out to be anything wrong with Enigmail
> we will certainly let people know.
> 
> 
> 	-- Rob, writing for the team

As I wrote over on GnuPG-Users:
> Yep. I'd bet your "Encrypted attachments" are nothing more than attachments.
> Check the MIME headers in the original message. Individual files are attached
> unencrypted. If the sender wants them encrypted, PGP/MIME must be used to
> encrypt the _entire_ email as one unit.

> Rather than PGP 6.0 on the Mac, why didn't you install a recent GnuPG version?
> Checkout the MacGPG project.

The /other/ thing to try is to have the OP install MacGPG and Mac Thunderbird +
Enigmail. Then copy the USB mail directories to a profile on the Mac and check
them there. Without actually seeing one of these emails, we have no idea what
the OP is really talking about.

But, until more data shows otherwise, I'm applying Occam and sticking with
Base-64ed attachments are being mistaken for "encrypted attachments".

-- 
John P. Clizbe                      Inet:John (a) Mozilla-Enigmail.org
You can't spell fiasco without SCO. hkp://keyserver.gingerbear.net  or
     mailto:pgp-public-keys at gingerbear.net?subject=HELP

Q:"Just how do the residents of Haiku, Hawai'i hold conversations?"
A:"An odd melody / island voices on the winds / surplus of vowels"

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 679 bytes
Desc: OpenPGP digital signature
URL: <http://www.mozdev.org/pipermail/enigmail/attachments/20090907/1cacce80/attachment.bin>

From mlisten at hammernoch.net  Tue Sep  8 03:18:16 2009
From: mlisten at hammernoch.net (=?UTF-8?B?THVkd2lnIEjDvGdlbHNjaMOkZmVy?=)
Date: Tue, 08 Sep 2009 12:18:16 +0200
Subject: [Enigmail] [Fwd: strange behavior/maybe a critical bug?]
In-Reply-To: <4AA55993.90706@hammernoch.net>
References: <4AA5398E.60503@sixdemonbag.org>	<4AA549F6.1000904@Mozilla-Enigmail.org>
	<4AA55993.90706@hammernoch.net>
Message-ID: <4AA62F68.1050601@hammernoch.net>

On 07.09.2009 21:05, Ludwig H?gelsch?fer wrote:

> But as long as the data are available, nobody can tell for sure.

Ooops, meant to say: "But as long as the data are *NOT* available,
nobody can tell for sure."

Ludwig

From computersachen at beckerwelt.de  Mon Sep  7 21:53:49 2009
From: computersachen at beckerwelt.de (Frank Becker)
Date: Tue, 08 Sep 2009 06:53:49 +0200
Subject: [Enigmail] Problems with german umlauts in path or attachment
Message-ID: <h84o0t$j21$1@ger.gmane.org>

Hello

I'm using enigmail with icedove on Debian Lenny. If I attach a file the
signature of the attachment fails if there is a german umlaut in the
pathname. Enigmail tells, that the file doesn't exist. But it is there.

What can I do? Thanks in advance for your help.

Frank Becker


From patrick at mozilla-enigmail.org  Tue Sep  8 03:32:31 2009
From: patrick at mozilla-enigmail.org (Patrick Brunschwig)
Date: Tue, 08 Sep 2009 12:32:31 +0200
Subject: [Enigmail] Problems with german umlauts in path or attachment
In-Reply-To: <h84o0t$j21$1@ger.gmane.org>
References: <h84o0t$j21$1@ger.gmane.org>
Message-ID: <4AA632BF.3020301@mozilla-enigmail.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Frank Becker wrote:
> Hello
> 
> I'm using enigmail with icedove on Debian Lenny. If I attach a file the
> signature of the attachment fails if there is a german umlaut in the
> pathname. Enigmail tells, that the file doesn't exist. But it is there.
> 
> What can I do? Thanks in advance for your help.

Update to Enigmail v0.96.0

- -Patrick
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.12 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQEVAwUBSqYyvXcOpHodsOiwAQihoggAuuAxZw0iJLJnmG1eRI3FfrezulmpVQc1
nQaCxJLgL2JnOzkEfuyq2tNSl7IvA0IF2OHYkO10oBdOnh6R3bF3khLBS0inCrmQ
sIIwnHqcX/koqfWC1Zx/bXA1EDNw8pPsAVixMyitkfcjGuZ8Ui0Fgh/8qtdVphn2
ShpbYlcErDKWw9+fZiP1tIaZFd2RaNGrw7I8DxULxTjE4J1hWwht/9JyDb9F/VV8
JI09my4J0C4nrPnWfrHN84CLFgzJVzVN4CD2Imqyaidkpr/1yyUT/vOly0b9u9MG
7e7LQEz/zUNUefxIG5Jnt/4L2UDT8Gbr/6ZYGnsBLZWTpyd0xblSTQ==
=m8Ua
-----END PGP SIGNATURE-----

From computersachen at beckerwelt.de  Tue Sep  8 08:49:23 2009
From: computersachen at beckerwelt.de (Frank Becker)
Date: Tue, 08 Sep 2009 17:49:23 +0200
Subject: [Enigmail] Problems with german umlauts in path or attachment
In-Reply-To: <4AA632BF.3020301@mozilla-enigmail.org>
References: <h84o0t$j21$1@ger.gmane.org>
	<4AA632BF.3020301@mozilla-enigmail.org>
Message-ID: <h85ue3$9j6$1@ger.gmane.org>

> Update to Enigmail v0.96.0
> -Patrick

Hello Patrick,

I did so but the problem still exists.
The errormessage is:
gpg: '/home/apo-promotion/Projekte/T?niesweg 15/A Zettel.pdf' cannot be
opened. File or directory not found.
gpg: signing failed: Error opening the file.

If the file has no german umlauts everybody is ok.

Frank


From olav at seyfarth.de  Tue Sep  8 13:20:38 2009
From: olav at seyfarth.de (Olav Seyfarth)
Date: Tue, 08 Sep 2009 22:20:38 +0200
Subject: [Enigmail] Problems with german umlauts in path or attachment
In-Reply-To: <h85ue3$9j6$1@ger.gmane.org>
References: <h84o0t$j21$1@ger.gmane.org>	<4AA632BF.3020301@mozilla-enigmail.org>
	<h85ue3$9j6$1@ger.gmane.org>
Message-ID: <4AA6BC96.9040802@seyfarth.de>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Hi Frank,

> gpg: '/home/apo-promotion/Projekte/T?niesweg 15/A Zettel.pdf' cannot be
> opened. File or directory not found.

Are you sure? Is "A Zettel.pdf" the name of the file?!

Olav
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.12 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEAREIAAYFAkqmvJUACgkQL/NBt8fdKe0BAQCgpHgoLDiQ+E9GEPN/+ejIKUVp
LiQAn06vjDb18Q+8+ISe+awhLs2ZHkIR
=cZX/
-----END PGP SIGNATURE-----

From computersachen at beckerwelt.de  Wed Sep  9 02:39:53 2009
From: computersachen at beckerwelt.de (Frank Becker)
Date: Wed, 09 Sep 2009 11:39:53 +0200
Subject: [Enigmail] Problems with german umlauts in path or attachment
In-Reply-To: <4AA6BC96.9040802@seyfarth.de>
References: <h84o0t$j21$1@ger.gmane.org>	<4AA632BF.3020301@mozilla-enigmail.org>	<h85ue3$9j6$1@ger.gmane.org>
	<4AA6BC96.9040802@seyfarth.de>
Message-ID: <h87t58$ojp$1@ger.gmane.org>

>> gpg: '/home/apo-promotion/Projekte/T?niesweg 15/A Zettel.pdf' cannot be
>> opened. File or directory not found.
> 
> Are you sure? Is "A Zettel.pdf" the name of the file?!

Yes, you are right.

Frank


From olav at seyfarth.de  Wed Sep  9 06:17:11 2009
From: olav at seyfarth.de (Olav Seyfarth)
Date: Wed, 09 Sep 2009 15:17:11 +0200
Subject: [Enigmail] Temp file path is wrong
In-Reply-To: <4AA7A837.20703@gmail.com>
References: <4AA7A837.20703@gmail.com>
Message-ID: <4AA7AAD7.4050504@seyfarth.de>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Hi Jim,

> c:\Program Files\Mozilla Thunderbird 3.0 Beta
> 3\C:\users\jar\AppData\Local\Temp\msg-3

seems to be a badly dsigned dialog. I think that there are two or even three
strings displayed:

c:\Program Files\Mozilla Thunderbird 3.0 Beta 3
file:\
C:\users\jar\AppData\Local\Temp\msg-3

Due to the dialog title "Textpad" I doubt that it was issued by Enigmail.

Olav
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.12 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEAREIAAYFAkqnqtYACgkQL/NBt8fdKe2RzQCfar3e5Ynyxdz/dLXOuRLf6w2i
Y+EAn1Mdq+vYmbzBYKf0Xl4ItWVzlFUH
=UAtF
-----END PGP SIGNATURE-----

From rasmith1959 at gmail.com  Wed Sep  9 09:40:32 2009
From: rasmith1959 at gmail.com (Roy Smith)
Date: Wed, 09 Sep 2009 11:40:32 -0500
Subject: [Enigmail] gmail?
In-Reply-To: <mailman.2117.1250962101.63231.enigmail@mozdev.org>
References: <4A8FFDC3.7040608@robinlea.com>	<4A8FFED7.1010201@mozillamessaging.com>	<4A90080E.40601@robinlea.com>	<4A9027A6.6080500@mozillamessaging.com>
	<mailman.2117.1250962101.63231.enigmail@mozdev.org>
Message-ID: <h88lqm$rio$1@mozdev.mozdev.org>

John W. Moore III wrote:
> Ludovic Hirlimann wrote:
>> On 8/22/09 5:00 PM, John Francis Lee wrote:
>>> Could you elaborate?
> 
> I will say that corresponding through Gmail using encryption makes for
> some very interesting Ad suggestions.  :-D

And I can certainly vouch for that!  When I was on PGPNET and using
GMail to send emails to the mailing list, I was getting some really off
the wall ads when I didn't have AdBlockerPlus blocking them...

-- 
*---------------------------------------------------------------------*
| Roy Smith                          | Y! rasmith1959                 |
| Ubuntu 9.04 Jaunty Jackalope       | MSN rasmith1959 at live.com       |
| Registered Linux User #488144      | ICQ 265622                     |
| Registered Ubuntu User #26841      | AOL rasmith1959 at yahoo.com      |
*---------------------------------------------------------------------*


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 899 bytes
Desc: OpenPGP digital signature
URL: <http://www.mozdev.org/pipermail/enigmail/attachments/20090909/b5973ce4/attachment.bin>

From patrick at mozilla-enigmail.org  Wed Sep  9 23:43:24 2009
From: patrick at mozilla-enigmail.org (Patrick Brunschwig)
Date: Thu, 10 Sep 2009 08:43:24 +0200
Subject: [Enigmail] Problems with german umlauts in path or attachment
In-Reply-To: <h87t58$ojp$1@ger.gmane.org>
References: <h84o0t$j21$1@ger.gmane.org>	<4AA632BF.3020301@mozilla-enigmail.org>	<h85ue3$9j6$1@ger.gmane.org>	<4AA6BC96.9040802@seyfarth.de>
	<h87t58$ojp$1@ger.gmane.org>
Message-ID: <4AA8A00C.4050507@mozilla-enigmail.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Frank Becker wrote:
>>> gpg: '/home/apo-promotion/Projekte/T?niesweg 15/A Zettel.pdf' cannot be
>>> opened. File or directory not found.
>> Are you sure? Is "A Zettel.pdf" the name of the file?!
> 
> Yes, you are right.

Right, it doesn't work on my Linux box either. I'll have to look into
the code.

- -Patrick
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.12 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQEVAwUBSqigC3cOpHodsOiwAQhq4wf9H6jtnoxEvMLYJ/Um3pRl7CknJzlLXasU
f4wx3riEi2s+J2k6SwDYE7cGhFuWliFyI2fGqr667HQe4O5EQVE/IbtjFnrGCXUd
fOyNxlGmZwhtOv/fqJ2bxr+rCqq+7jelroGujkfYZippvp+1d6WoAbcTZHareIlL
70q5k4ETZhdYvE9eOB/VSOvrtU2E+H88LdeIymlZbOoMk2NUNNv9dzS4e3I5PtBu
6KYujYAQhwzUq9Y8XchX3zMZB80nNYZsy3enuwqL6pdY/3m0aYnP+CPnOBoQZq9y
muNwupJMUqObyiHnj96lsQ3l/3nmvjeh0exj2o6mBnt0/QZYZhHDvg==
=P6O6
-----END PGP SIGNATURE-----

From computersachen at beckerwelt.de  Thu Sep 10 06:59:39 2009
From: computersachen at beckerwelt.de (Frank Becker)
Date: Thu, 10 Sep 2009 15:59:39 +0200
Subject: [Enigmail] Problems with german umlauts in path or attachment
In-Reply-To: <4AA8A00C.4050507@mozilla-enigmail.org>
References: <h84o0t$j21$1@ger.gmane.org>	<4AA632BF.3020301@mozilla-enigmail.org>	<h85ue3$9j6$1@ger.gmane.org>	<4AA6BC96.9040802@seyfarth.de>	<h87t58$ojp$1@ger.gmane.org>
	<4AA8A00C.4050507@mozilla-enigmail.org>
Message-ID: <h8b0ob$5g9$1@ger.gmane.org>

Thank you for your help.
I wait now for an update.

Best regards
Frank


Patrick Brunschwig schrieb:
> Frank Becker wrote:
>>>> gpg: '/home/apo-promotion/Projekte/T?niesweg 15/A Zettel.pdf' cannot be
>>>> opened. File or directory not found.
>>> Are you sure? Is "A Zettel.pdf" the name of the file?!
>> Yes, you are right.
> 
> Right, it doesn't work on my Linux box either. I'll have to look into
> the code.
> 
> -Patrick


From jamesrome at gmail.com  Thu Sep 10 11:22:30 2009
From: jamesrome at gmail.com (James Rome)
Date: Thu, 10 Sep 2009 14:22:30 -0400
Subject: [Enigmail] Temp file path is wrong
Message-ID: <4AA943E6.8010706@gmail.com>


Well, Enigmail fails every time I try to do this the same way. Surely 
Enigmail picks the Temp File location, and must pass this as an argument 
to the .txt handling application?

I changed the app to notepad, and it says that "the directory name, file 
name, or syntax is incorrect." So I think it is an Enigmail problem.
-----------------------------
From: Olav Seyfarth <olav at seyfarth.de>
Hi Jim,

 > > c:\Program Files\Mozilla Thunderbird 3.0 Beta
 > > 3\C:\users\jar\AppData\Local\Temp\msg-3
seems to be a badly dsigned dialog. I think that there are two or even three
strings displayed:

c:\Program Files\Mozilla Thunderbird 3.0 Beta 3
file:\
C:\users\jar\AppData\Local\Temp\msg-3

Due to the dialog title "Textpad" I doubt that it was issued by Enigmail.




From i.vonborstel at tu-bs.de  Thu Sep 10 12:21:49 2009
From: i.vonborstel at tu-bs.de (Ingo von Borstel)
Date: Thu, 10 Sep 2009 21:21:49 +0200
Subject: [Enigmail] Import of existing key pair
Message-ID: <4AA951CD.6010202@tu-bs.de>

Hello,

your OpenPGP assistant is a really nice piece of software and setting up
 Thunderbird with OpenPGP is a piece of cake with it. Unfortunately I
own already a key pair which I'd like to have important. For these cases
it'd be nice that at the same time where I can chose to generate key(s),
I'd also have the option to actually import existing keys. This option
is only present when I actually already copied my key pairs there.

Cheers,
Ingo von Borstel

From allen.schultz at gmail.com  Thu Sep 10 15:54:02 2009
From: allen.schultz at gmail.com (Allen Schultz)
Date: Thu, 10 Sep 2009 16:54:02 -0600
Subject: [Enigmail] PGP/MIME on by default?
Message-ID: <4AA9838A.6030400@gmail.com>

I have a new install of TB+Enigmail, standard stable version. But now I
have a problem with a setting. I cannot get PGP/MIME to stay on for each
and every single message, except the few I want inline for.

How can I change this?

-- 
Allen Schultz
PS: Please see attached VCF attachment for contact and GPG key info.
Signature.asc requires GPG/PGP to be installed to verify signature.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: allen_schultz.vcf
Type: text/x-vcard
Size: 648 bytes
Desc: not available
URL: <http://www.mozdev.org/pipermail/enigmail/attachments/20090910/58e8d18d/attachment.vcf>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 552 bytes
Desc: OpenPGP digital signature
URL: <http://www.mozdev.org/pipermail/enigmail/attachments/20090910/58e8d18d/attachment.bin>

From John at Mozilla-Enigmail.org  Thu Sep 10 17:04:16 2009
From: John at Mozilla-Enigmail.org (John Clizbe)
Date: Thu, 10 Sep 2009 19:04:16 -0500
Subject: [Enigmail] PGP/MIME on by default?
In-Reply-To: <4AA9838A.6030400@gmail.com>
References: <4AA9838A.6030400@gmail.com>
Message-ID: <4AA99400.8030303@Mozilla-Enigmail.org>

Allen Schultz wrote:
> I have a new install of TB+Enigmail, standard stable version. But now I
> have a problem with a setting. I cannot get PGP/MIME to stay on for each
> and every single message, except the few I want inline for.
> 
> How can I change this?

Persistent PGP/MIME can be enable two ways

a) per-recipient rules

b) Account Settings --> OpenPGP tab. Check the box "Use PGP/MIME be default".
   Click OK

You most likely want b)

-- 
John P. Clizbe                      Inet:John (a) Mozilla-Enigmail.org
You can't spell fiasco without SCO. hkp://keyserver.gingerbear.net  or
     mailto:pgp-public-keys at gingerbear.net?subject=HELP

Q:"Just how do the residents of Haiku, Hawai'i hold conversations?"
A:"An odd melody / island voices on the winds / surplus of vowels"

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 679 bytes
Desc: OpenPGP digital signature
URL: <http://www.mozdev.org/pipermail/enigmail/attachments/20090910/ce8af2b2/attachment.bin>

From jmoore3rd at bellsouth.net  Thu Sep 10 17:25:57 2009
From: jmoore3rd at bellsouth.net (John W. Moore III)
Date: Thu, 10 Sep 2009 20:25:57 -0400
Subject: [Enigmail] PGP/MIME on by default?
In-Reply-To: <4AA9838A.6030400@gmail.com>
References: <4AA9838A.6030400@gmail.com>
Message-ID: <4AA99915.6060002@bellsouth.net>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Allen Schultz wrote:
> I have a new install of TB+Enigmail, standard stable version. But now I
> have a problem with a setting. I cannot get PGP/MIME to stay on for each
> and every single message, except the few I want inline for.
> 
> How can I change this?

Use the Per-Recipient Rules.

JOHN ;)
Timestamp: Thursday 10 Sep 2009, 20:25  --400 (Eastern Daylight Time)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (MingW32)
Comment: Public Key at:  http://tinyurl.com/8cpho
Comment: Gossamer Spider Web of Trust: http://www.gswot.org
Comment: Personal Web Page:  http://tinyurl.com/yzhbhx

iQEcBAEBCgAGBQJKqZkTAAoJEBCGy9eAtCsPi6YH/2pkbDm2Z85fsB7zghfjhtvV
/2VpqIyccrHpZtS8Br2qw1tMCtbg3nKAdtev+ujMwsksAQ3e3dHXaSJWnk01+2kA
2J9ILgfo+QpiyY+zb0BEZHPecp/IiB/nf76k6ZJ3n/ceoo3D2EEGlt8UlaRjO68+
8kwFrCfRAf32LGB2o+zqkpxJDw5TpfLA9vGgvh0z6QtM+5GOzFpeYmJvbRizzH6l
ok4p1RYMq7UZXBrLf72V4TXRNf6WKaXIQjhNt9R7OXn0G81x6sq/IidsAQxnjica
rXd9Y+51GdHfW+2hRx4To0gRZOjllSdNp4F9oYAO9vRihQgGjrCA/jyuuj2+KZM=
=A5ZS
-----END PGP SIGNATURE-----

From allen.schultz at gmail.com  Thu Sep 10 18:04:25 2009
From: allen.schultz at gmail.com (Allen Schultz)
Date: Thu, 10 Sep 2009 19:04:25 -0600
Subject: [Enigmail] PGP/MIME on by default?
In-Reply-To: <4AA99915.6060002@bellsouth.net>
References: <4AA9838A.6030400@gmail.com> <4AA99915.6060002@bellsouth.net>
Message-ID: <4AA9A219.8000101@gmail.com>

John W. Moore III wrote:
> Allen Schultz wrote:
>> I have a new install of TB+Enigmail, standard stable version. But now I
>> have a problem with a setting. I cannot get PGP/MIME to stay on for each
>> and every single message, except the few I want inline for.
> 
>> How can I change this?
> 
> Use the Per-Recipient Rules.

That required an email address, I wanted it to be the default, not the
exception. I find it. Open up a new message, Open OpenPGP and go to
Default Composition Options -> Signing/Encrypting Options.

-- 
Allen Schultz
PS: Please see attached VCF attachment for contact and GPG key info.
Signature.asc requires GPG/PGP to be installed to verify signature.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: allen_schultz.vcf
Type: text/x-vcard
Size: 648 bytes
Desc: not available
URL: <http://www.mozdev.org/pipermail/enigmail/attachments/20090910/74c46036/attachment.vcf>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 552 bytes
Desc: OpenPGP digital signature
URL: <http://www.mozdev.org/pipermail/enigmail/attachments/20090910/74c46036/attachment.bin>

From patrick at mozilla-enigmail.org  Thu Sep 10 23:44:01 2009
From: patrick at mozilla-enigmail.org (Patrick Brunschwig)
Date: Fri, 11 Sep 2009 08:44:01 +0200
Subject: [Enigmail] PGP/MIME on by default?
In-Reply-To: <4AA9A219.8000101@gmail.com>
References: <4AA9838A.6030400@gmail.com> <4AA99915.6060002@bellsouth.net>
	<4AA9A219.8000101@gmail.com>
Message-ID: <4AA9F1B1.3050906@mozilla-enigmail.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Allen Schultz wrote:
> John W. Moore III wrote:
>> Allen Schultz wrote:
>>> I have a new install of TB+Enigmail, standard stable version. But now I
>>> have a problem with a setting. I cannot get PGP/MIME to stay on for each
>>> and every single message, except the few I want inline for.
>>> How can I change this?
>> Use the Per-Recipient Rules.
> 
> That required an email address, I wanted it to be the default, not the
> exception. I find it. Open up a new message, Open OpenPGP and go to
> Default Composition Options -> Signing/Encrypting Options.

The 1st choice would be to enable PGP/MIME by default for each identity
(or account) in the account settings. Account Settings --> OpenPGP tab
for each identity.

- -Patrick
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.12 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQEVAwUBSqnxq3cOpHodsOiwAQi7TggAg15n/PbNVKedO6+JeH/lSSymQEuya9K0
zBHR+2dkDWF0j3GaCdqQiuVlFngMr/SkFE7AYytXDjEawkMJJ2a5+Rui8K/NfkkB
GNASE8hgSJFbTZ++8iRQ4Bci9whBh9Y4BjjktaCpucMd04YTjMY9W3zXEz280fIY
UVKVgHODXoJZYlvYyS+Jl/5ViX3xsCrLxCPb3SBRBZhrOS4cmI7zvCReqStj2WmI
JWPtv4P++0jdAqtBPOf26xirU0Rx9F96v2I0iwlNEB6mST4ozvw/2ItzJWbspoQI
mOGMFQr26Ch+IROUl0wXd+omU4x+KYS920qe5ML4wtxpnAak59YS8w==
=n9tf
-----END PGP SIGNATURE-----

From nospaming at aedon.eu  Fri Sep 11 01:07:20 2009
From: nospaming at aedon.eu (Peter J. Nachtigall)
Date: Fri, 11 Sep 2009 10:07:20 +0200
Subject: [Enigmail] Import of existing key pair
In-Reply-To: <4AA951CD.6010202@tu-bs.de>
References: <4AA951CD.6010202@tu-bs.de>
Message-ID: <4AAA0538.8060505@aedon.eu>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Ingo von Borstel schrieb:
> Hello,

> your OpenPGP assistant is a really nice piece of software and setting up
>  Thunderbird with OpenPGP is a piece of cake with it. Unfortunately I
> own already a key pair which I'd like to have important. For these cases
> it'd be nice that at the same time where I can chose to generate key(s),
> I'd also have the option to actually import existing keys. This option
> is only present when I actually already copied my key pairs there.

Have you tried OpenPGP/Schl?ssel verwalten/Datei/Importieren ?

Thx
/peter

- --
aedon DESIGNS
http://www.aedon.eu/
http://www.hochzeitsbuch.info/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAkqqBTgACgkQwIipPo4gL86EPwCfYY+BTk6tVCiP8LFrpl+wFVUt
BKAAnjBekyuBSIEwGq2dG+6JOtXYMC93
=dJvY
-----END PGP SIGNATURE-----

From olav at seyfarth.de  Fri Sep 11 02:04:59 2009
From: olav at seyfarth.de (Olav Seyfarth)
Date: Fri, 11 Sep 2009 11:04:59 +0200
Subject: [Enigmail] Import of existing key pair
In-Reply-To: <4AAA0538.8060505@aedon.eu>
References: <4AA951CD.6010202@tu-bs.de> <4AAA0538.8060505@aedon.eu>
Message-ID: <4AAA12BB.1060105@seyfarth.de>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Hi Ingo,

>> OpenPGP assistant:
>> I'd also have the option to actually import existing keys. This option
>> is only present when I actually already copied my key pairs there.

Correct. Enigmail assumes that GnuPG (including keyring setup) has been
installed and set up prior to its own installation. If the wizard finds keys,
it will offer to use them but it does not ask to import from a file.
Please enter a RFE bug in Mozdev's bugzilla:

https://www.mozdev.org/bugs/enter_bug.cgi?assigned_to=patrick.brunschwig%40gmx.net&blocked=&bug_file_loc=http%3A%2F%2F&bug_severity=enhancement&bug_status=NEW&comment=&component=GUI&contenttypeentry=&contenttypemethod=autodetect&contenttypeselection=text%2Fplain&data=&dependson=&description=&flag_type-2=X&form_name=enter_bug&keywords=&maketemplate=Remember%20values%20as%20bookmarkable%20template&op_sys=All&priority=P2&product=enigmail&rep_platform=All&short_desc=&target_milestone=---&version=0.96.0


Hi Peter,

> Have you tried OpenPGP/Schl?ssel verwalten/Datei/Importieren ?

this will work of course but is not what Ingo asked for.

Olav
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.12 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEAREIAAYFAkqqErkACgkQL/NBt8fdKe2UcgCghmAj2GSuS9SWOCJQOQua8x8+
NgoAn3aLqGzAvMRuLcx9HZSV1JpLRxd6
=tomd
-----END PGP SIGNATURE-----

From jmoore3rd at bellsouth.net  Fri Sep 11 02:06:40 2009
From: jmoore3rd at bellsouth.net (John W. Moore III)
Date: Fri, 11 Sep 2009 05:06:40 -0400
Subject: [Enigmail] Import of existing key pair
In-Reply-To: <4AAA0538.8060505@aedon.eu>
References: <4AA951CD.6010202@tu-bs.de> <4AAA0538.8060505@aedon.eu>
Message-ID: <4AAA1320.5030907@bellsouth.net>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Peter J. Nachtigall wrote:
> Ingo von Borstel schrieb:
>> Hello,
> 
>> your OpenPGP assistant is a really nice piece of software and setting up
>>  Thunderbird with OpenPGP is a piece of cake with it. Unfortunately I
>> own already a key pair which I'd like to have important. For these cases
>> it'd be nice that at the same time where I can chose to generate key(s),
>> I'd also have the option to actually import existing keys. This option
>> is only present when I actually already copied my key pairs there.
> 
> Have you tried OpenPGP/Schl?ssel verwalten/Datei/Importieren ?

FYI, Peter;

gpg command line and output:
C:\GnuPG\gpg.exe
gpg: armor: BEGIN PGP SIGNED MESSAGE
gpg: armor header: Hash: SHA1
:packet 63: length 11 gpg: armor: BEGIN PGP SIGNATURE
gpg: armor header: Version: GnuPG v1.4.9 (Darwin)
gpg: armor header: Comment: Using GnuPG with Mozilla -
http://enigmail.mozdev.org/
:literal data packet:
	mode t (74), created 0, name="",
	raw data: unknown length
gpg: original file name=''
gpg: CRC error; 749BD8 - DC3749
:signature packet: algo 17, keyid C088A93E8E202FCE
	version 4, created 1252656440, md5len 0, sigclass 0x01
	digest algo 2, begin of digest 84 3f
	hashed subpkt 2 len 4 (sig created 2009-09-11)
	subpkt 16 len 8 (issuer key ID C088A93E8E202FCE)
	data: [159 bits]
	data: [158 bits]
gpg: Signature made 09/11/09 04:07:20 using DSA key ID 8E202FCE
gpg: key B7AB9DE5: accepted as trusted key
gpg: key 6E23ECBB: accepted as trusted key
gpg: key 026B875E: accepted as trusted key
gpg: key DD00CE47: accepted as trusted key
gpg: key 82D70F78: accepted as trusted key
gpg: key 80B42B0F: accepted as trusted key
gpg: key A35FB676: accepted as trusted key
gpg: key 359C3A4A: accepted as trusted key
gpg: BAD signature from "Peter J. Nachtigall <nospaming at aedon.eu>"
gpg: textmode signature, digest algorithm SHA1

JOHN ;)
Timestamp: Friday 11 Sep 2009, 05:04  --400 (Eastern Daylight Time)
- --
Where Were You 8 years ago today?
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (MingW32)
Comment: Public Key at:  http://tinyurl.com/8cpho
Comment: Gossamer Spider Web of Trust: http://www.gswot.org
Comment: Personal Web Page:  http://tinyurl.com/yzhbhx

iQEcBAEBCgAGBQJKqhMeAAoJEBCGy9eAtCsP37IH/i3O7RVsLF1w8M4H0+fZkMb8
9bblewa4D6jZh8jrl7ozECi6bWM57cevt+fKv040iBXqY1AhFSJZBrgrPbUo39So
5vei/BhjBrBZiMH+wpTn+iG6ohuHe5bNlgrdhFczbZAsRqyLa9fsKAY1c91ZmGgT
Fr1991vwodcD4GFSU2Db8seP7vRcuOqaA/f14+Mpzmmg9wJ3tKsLU8U8gLeKl82I
LWHDT4NyfliM3zExZUfQxeftCAZvc3JXoQx2tybaAguagudIrizD1m+oqwJPvSc7
FouvFcUaSrVSAGCEIARwnDr/0GNM5U8b03setjogQvFDhxspOYbDjSHEShlzxVk=
=qaRe
-----END PGP SIGNATURE-----

From michaeljgruber+mozdevnews at fastmail.fm  Sun Sep 13 08:18:45 2009
From: michaeljgruber+mozdevnews at fastmail.fm (Michael J Gruber)
Date: Sun, 13 Sep 2009 17:18:45 +0200
Subject: [Enigmail] Import of existing key pair
In-Reply-To: <mailman.13.1252660015.85486.enigmail@mozdev.org>
References: <4AA951CD.6010202@tu-bs.de> <4AAA0538.8060505@aedon.eu>
	<mailman.13.1252660015.85486.enigmail@mozdev.org>
Message-ID: <h8j2hg$1fjb$1@mozdev.mozdev.org>

John W. Moore III venit, vidit, dixit 11.09.2009 11:06:
> Peter J. Nachtigall wrote:
>> Ingo von Borstel schrieb:
>>> Hello,
> 
>>> your OpenPGP assistant is a really nice piece of software and setting up
>>>  Thunderbird with OpenPGP is a piece of cake with it. Unfortunately I
>>> own already a key pair which I'd like to have important. For these cases
>>> it'd be nice that at the same time where I can chose to generate key(s),
>>> I'd also have the option to actually import existing keys. This option
>>> is only present when I actually already copied my key pairs there.
> 
>> Have you tried OpenPGP/Schl?ssel verwalten/Datei/Importieren ?
> 
> FYI, Peter;
> 
> gpg command line and output:
> C:\GnuPG\gpg.exe
> gpg: armor: BEGIN PGP SIGNED MESSAGE
> gpg: armor header: Hash: SHA1
> :packet 63: length 11 gpg: armor: BEGIN PGP SIGNATURE
> gpg: armor header: Version: GnuPG v1.4.9 (Darwin)
> gpg: armor header: Comment: Using GnuPG with Mozilla -
> http://enigmail.mozdev.org/
> :literal data packet:
> 	mode t (74), created 0, name="",
> 	raw data: unknown length
> gpg: original file name=''
> gpg: CRC error; 749BD8 - DC3749
> :signature packet: algo 17, keyid C088A93E8E202FCE
> 	version 4, created 1252656440, md5len 0, sigclass 0x01
> 	digest algo 2, begin of digest 84 3f
> 	hashed subpkt 2 len 4 (sig created 2009-09-11)
> 	subpkt 16 len 8 (issuer key ID C088A93E8E202FCE)
> 	data: [159 bits]
> 	data: [158 bits]
> gpg: Signature made 09/11/09 04:07:20 using DSA key ID 8E202FCE
> gpg: key B7AB9DE5: accepted as trusted key
> gpg: key 6E23ECBB: accepted as trusted key
> gpg: key 026B875E: accepted as trusted key
> gpg: key DD00CE47: accepted as trusted key
> gpg: key 82D70F78: accepted as trusted key
> gpg: key 80B42B0F: accepted as trusted key
> gpg: key A35FB676: accepted as trusted key
> gpg: key 359C3A4A: accepted as trusted key
> gpg: BAD signature from "Peter J. Nachtigall <nospaming at aedon.eu>"
> gpg: textmode signature, digest algorithm SHA1
> 
> JOHN ;)
> Timestamp: Friday 11 Sep 2009, 05:04  --400 (Eastern Daylight Time)

Signature verifies OK over here.

Michael

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 261 bytes
Desc: OpenPGP digital signature
URL: <http://www.mozdev.org/pipermail/enigmail/attachments/20090913/16ead9e7/attachment.bin>

From cai.0407 at gmail.com  Mon Sep 14 04:52:44 2009
From: cai.0407 at gmail.com (Kosuke Kaizuka)
Date: Mon, 14 Sep 2009 20:52:44 +0900
Subject: [Enigmail] Problem of 7bit characters (epecially ISO-2022-JP)
Message-ID: <4AAE2E8C.8000600@gmail.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Previously, I reported bug 18361
(https://www.mozdev.org/bugs/show_bug.cgi?id=18361)
as a bug derived from combination of Thunderbird, Enigmail and
ISO-2022-JP, and it has been fixed.
Recently, we (I and some Japanese Enigmail users) discussed and
inspected about this issue, and it is found that bug 18361 is not
Enigmail's bug, nor a problem of ISO-2022-JP, but a behavior of GnuPG
itself.

We will show you some examples below.

1. make up the text with line end white space.
,----[ textfile.txt ]-
| with line end space -->
`----
2. gpg --detach-sign --armor --rfc2440 --textmode textfile.txt
3. gpg --verify --verbose --rfc4880 textfile.txt.asc
Result is BAD signature.

other case:
+-----------+---------------------+-----------------+----------+
| when sign | line end adjustment |when verification| result   |
+-----------+---------------------+-----------------+----------+
| --rfc2440 |no adjustment        | --rfc2440       | Good sig.|
| --rfc2440 |delete line end space| --rfc2440       | Good sig.|
| --rfc2440 |add line end space   | --rfc2440       | Good sig.|
| --rfc2440 |no adjustment        | --rfc4880       | Bad?sig.|#1
| --rfc2440 |delete line end space| --rfc4880       | Good sig.|
| --rfc2440 |add line end space   | --rfc4880       | Bad?sig.|
+-----------+---------------------+-----------------+----------+
| --rfc4880 |no adjustment        | --rfc2440       | Bad?sig.|#2
| --rfc4880 |delete line end space| --rfc2440       | Bad?sig.|
| --rfc4880 |add line end space   | --rfc2440       | Bad?sig.|
| --rfc4880 |no adjustment        | --rfc4880       | Good sig.|
| --rfc4880 |delete line end space| --rfc4880       | Bad?sig.|
| --rfc4880 |add line end space   | --rfc4880       | Bad?sig.|
+-----------+---------------------+-----------------+----------+
(bug#:18361 is case #2)

We found other problem about Content-Type and Content-Transfer-Encoding.
To fix these problems, we request some solutions.

1. back out of bug 18361.
2. not to force 8bit or quoted-printable when ISO-2022-JP and other 7bit
character set are used.
3. square Content-Type header with that in Armor Header Keys.

We have prepared a patch of 1 (full) and 2 (partial) for
content/enigmail/enigmailMsgComposeOverlay.js 1.187 (trunk) and
1.186.2.1 (0.96 branch).

- -- 
Kosuke Kaizuka <cai.0407 at gmail.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iF4EAREIAAYFAkquLokACgkQa+goYNi1URKn+QEAiIXVw07eHmbmrbJXy2m7CpeR
oOKg0KNYNk7eycoWrP4A+gIRdSE2KClNp58jxQgQXBpd8WR8769P8M0bImGim9Fo
=FDJQ
-----END PGP SIGNATURE-----
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: enigmailMsgComposeOverlay_1.187.js.patch
URL: <http://www.mozdev.org/pipermail/enigmail/attachments/20090914/fb2caa53/attachment.ksh>
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: enigmailMsgComposeOverlay_1.186.2.1.js.patch
URL: <http://www.mozdev.org/pipermail/enigmail/attachments/20090914/fb2caa53/attachment-0001.ksh>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: enigmailMsgComposeOverlay_1.187.js.patch.sig
Type: application/octet-stream
Size: 96 bytes
Desc: not available
URL: <http://www.mozdev.org/pipermail/enigmail/attachments/20090914/fb2caa53/attachment.obj>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: enigmailMsgComposeOverlay_1.186.2.1.js.patch.sig
Type: application/octet-stream
Size: 96 bytes
Desc: not available
URL: <http://www.mozdev.org/pipermail/enigmail/attachments/20090914/fb2caa53/attachment-0001.obj>

From patrick at mozilla-enigmail.org  Mon Sep 14 07:01:47 2009
From: patrick at mozilla-enigmail.org (Patrick Brunschwig)
Date: Mon, 14 Sep 2009 16:01:47 +0200
Subject: [Enigmail] Problem of 7bit characters (epecially ISO-2022-JP)
In-Reply-To: <4AAE2E8C.8000600@gmail.com>
References: <4AAE2E8C.8000600@gmail.com>
Message-ID: <4AAE4CCB.1000601@mozilla-enigmail.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Kosuke Kaizuka wrote:
> Previously, I reported bug 18361
> (https://www.mozdev.org/bugs/show_bug.cgi?id=18361)
> as a bug derived from combination of Thunderbird, Enigmail and
> ISO-2022-JP, and it has been fixed.
> Recently, we (I and some Japanese Enigmail users) discussed and
> inspected about this issue, and it is found that bug 18361 is not
> Enigmail's bug, nor a problem of ISO-2022-JP, but a behavior of GnuPG
> itself.
> 
> We will show you some examples below.
> 
> 1. make up the text with line end white space.
> ,----[ textfile.txt ]-
> | with line end space -->
> `----
> 2. gpg --detach-sign --armor --rfc2440 --textmode textfile.txt
> 3. gpg --verify --verbose --rfc4880 textfile.txt.asc
> Result is BAD signature.
> 
> other case:
> +-----------+---------------------+-----------------+----------+
> | when sign | line end adjustment |when verification| result   |
> +-----------+---------------------+-----------------+----------+
> | --rfc2440 |no adjustment        | --rfc2440       | Good sig.|
> | --rfc2440 |delete line end space| --rfc2440       | Good sig.|
> | --rfc2440 |add line end space   | --rfc2440       | Good sig.|
> | --rfc2440 |no adjustment        | --rfc4880       | Bad?sig.|#1
> | --rfc2440 |delete line end space| --rfc4880       | Good sig.|
> | --rfc2440 |add line end space   | --rfc4880       | Bad?sig.|
> +-----------+---------------------+-----------------+----------+
> | --rfc4880 |no adjustment        | --rfc2440       | Bad?sig.|#2
> | --rfc4880 |delete line end space| --rfc2440       | Bad?sig.|
> | --rfc4880 |add line end space   | --rfc2440       | Bad?sig.|
> | --rfc4880 |no adjustment        | --rfc4880       | Good sig.|
> | --rfc4880 |delete line end space| --rfc4880       | Bad?sig.|
> | --rfc4880 |add line end space   | --rfc4880       | Bad?sig.|
> +-----------+---------------------+-----------------+----------+
> (bug#:18361 is case #2)
> 
> We found other problem about Content-Type and Content-Transfer-Encoding.
> To fix these problems, we request some solutions.
> 
> 1. back out of bug 18361.
> 2. not to force 8bit or quoted-printable when ISO-2022-JP and other 7bit
> character set are used.
> 3. square Content-Type header with that in Armor Header Keys.
> 
> We have prepared a patch of 1 (full) and 2 (partial) for
> content/enigmail/enigmailMsgComposeOverlay.js 1.187 (trunk) and
> 1.186.2.1 (0.96 branch).

Unfortunately, your patch would lead to bad signatures with any user
having defined a signature like this: "-- " (i.e. not OpenPGP
signatures, but signature footer lines). As you point out yourself, the
OpenPGP signature is only valid if there are no spaces at the end of all
lines, which is exactly not the case for "-- " signatures.

In order to allow "-- " and be OpenPGP compliamtn, the lines you want to
be removed were added, I cannot and will not remove this part of the
code since it would destroy more than it adds. Generally speaking,
OpenPGP requires that spaces at the end of lines are either removed or
"escaped" using quoted-printable, or the text is completely base64-encoded.

- -Patrick
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.12 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQEVAwUBSq5MyncOpHodsOiwAQiPgggAxZzWOprNECgLZStVuEhF5BKt12m/8pdi
d7+6jekORKdKMnZjKpjJBgzBmn5Y9QcDXwvhlyv4xbemPmDynTig9hY2+VFA7d+o
YDaez7tu6qoQLqwPOzx7kuX39DUupl8j2+u6DuVPG3fJdL8/HPckvsDdTzTG42Hc
M9y7CAQPVmTlBI7Gbr2kpc4DaKs/BxdsyZz+RKAkiHOoYLNAgEFY89FKL31i+rJN
2aF/OzC0amFQmGN7V/4tSa4TmX6cuFqxS0wsjyVNXlL/FvCEs6P2H2TPK4oeDDR3
s6hPCmzzqppOGXiKPGlC3ADXt6GLy5a+V7nJFugG2SlwKo74xyO6LA==
=fETL
-----END PGP SIGNATURE-----

From kyshk at bc.iij4u.or.jp  Mon Sep 14 08:31:14 2009
From: kyshk at bc.iij4u.or.jp (kyshk at bc.iij4u.or.jp)
Date: Tue, 15 Sep 2009 00:31:14 +0900
Subject: [Enigmail] Problem of 7bit characters (epecially ISO-2022-JP)
In-Reply-To: <4AAE4CCB.1000601@mozilla-enigmail.org>
References: <4AAE2E8C.8000600@gmail.com>
	<4AAE4CCB.1000601@mozilla-enigmail.org>
Message-ID: <4AAE61C2.30504@bc.iij4u.or.jp>

Hi!

At Mon Sep 14 2009 23:01:47 GMT+0900,
Patrick Brunschwig <patrick at mozilla-enigmail.org> wrote:
> Unfortunately, your patch would lead to bad signatures with any user
> having defined a signature like this: "-- " (i.e. not OpenPGP
> signatures, but signature footer lines). As you point out yourself, the
> OpenPGP signature is only valid if there are no spaces at the end of all
> lines, which is exactly not the case for "-- " signatures.

Please turn back your work for Bug#:18361.
This problem be no concern with "-- ".


> OpenPGP requires that spaces at the end of lines are either removed or
> "escaped" using quoted-printable, or the text is completely base64-encoded.

iso-2022-jp is 7bit, have no occasion to quoted-printable.
put a stop to 8bit request, it is The nerve!
because some japanese MUA is no appreciate quoted-printable.

and,
at PGP/MIME encrypt, charset in Content-Type header is make equal to
Charset header in Armor Header Keys.
because other japanese MUA dependent charset in Content-Type header.

Please! I appreciate it.
--
kiyo

From patrick at mozilla-enigmail.org  Tue Sep 15 01:56:21 2009
From: patrick at mozilla-enigmail.org (Patrick Brunschwig)
Date: Tue, 15 Sep 2009 10:56:21 +0200
Subject: [Enigmail] Problem of 7bit characters (epecially ISO-2022-JP)
In-Reply-To: <4AAE61C2.30504@bc.iij4u.or.jp>
References: <4AAE2E8C.8000600@gmail.com>	<4AAE4CCB.1000601@mozilla-enigmail.org>
	<4AAE61C2.30504@bc.iij4u.or.jp>
Message-ID: <4AAF56B5.3040504@mozilla-enigmail.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

kyshk at bc.iij4u.or.jp wrote:
> Hi!
> 
> At Mon Sep 14 2009 23:01:47 GMT+0900,
> Patrick Brunschwig <patrick at mozilla-enigmail.org> wrote:
>> Unfortunately, your patch would lead to bad signatures with any user
>> having defined a signature like this: "-- " (i.e. not OpenPGP
>> signatures, but signature footer lines). As you point out yourself, the
>> OpenPGP signature is only valid if there are no spaces at the end of all
>> lines, which is exactly not the case for "-- " signatures.
> 
> Please turn back your work for Bug#:18361.
> This problem be no concern with "-- ".
> 
> 
>> OpenPGP requires that spaces at the end of lines are either removed or
>> "escaped" using quoted-printable, or the text is completely base64-encoded.
> 
> iso-2022-jp is 7bit, have no occasion to quoted-printable.
> put a stop to 8bit request, it is The nerve!
> because some japanese MUA is no appreciate quoted-printable.

I understood this. The problem is that your proposed patch is affecting
any type of character sets, not only iso-2022-jp. So if you propose a
patch that is specific to iso-2022-jp we can discuss about integrating it.

> at PGP/MIME encrypt, charset in Content-Type header is make equal to
> Charset header in Armor Header Keys.
> because other japanese MUA dependent charset in Content-Type header.

right, but even then I cannot accept a patch that affects all other
character sets :-(

- -Patrick
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.12 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQEVAwUBSq9Ws3cOpHodsOiwAQhnlwf+PtgSBuYyEa/ZqolbrGVq3yRfMgZd6xSj
K3rdUdK0KO9DSv5wlfMBj+K+/3tr/vB10/ObUtM62t1RfTTQuaQmj0VqN8HeJ2dj
pfYQLsiIE62KYy0PvbwYZ7Kw1SrC6gXtQnx0MGVxWxCnRJGzybAF1MKO3dk/Hmpa
nQR27HEkJ8/BqkhfRBiRujAtoKbyK+b58Jmw1evxxgtjO32eI0lT+VDUCGXzOH6n
NsE4Zdkk7CixcMZdiY2UrGsJoD+E2hYn7FXlPvcnJN85cWT6hNrlTG6IZMOjv1UN
18B5WS2Ry3T+sMc4L5aPrZjQHqhy6cjMUcaQLnPFKYJ/6nJGU3WtGw==
=4v7s
-----END PGP SIGNATURE-----

From cai.0407 at gmail.com  Tue Sep 15 08:48:00 2009
From: cai.0407 at gmail.com (Kosuke Kaizuka)
Date: Wed, 16 Sep 2009 00:48:00 +0900
Subject: [Enigmail] Problem of 7bit characters (epecially ISO-2022-JP)
In-Reply-To: <4AAF56B5.3040504@mozilla-enigmail.org>
References: <4AAE2E8C.8000600@gmail.com>	<4AAE4CCB.1000601@mozilla-enigmail.org>	<4AAE61C2.30504@bc.iij4u.or.jp>
	<4AAF56B5.3040504@mozilla-enigmail.org>
Message-ID: <4AAFB730.2000200@gmail.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Dear all,

On 2009/09/15 17:56, Patrick Brunschwig wrote:
>> At Mon Sep 14 2009 23:01:47 GMT+0900,
>> Patrick Brunschwig <patrick at mozilla-enigmail.org> wrote:
>>> Unfortunately, your patch would lead to bad signatures with any user
>>> having defined a signature like this: "-- " (i.e. not OpenPGP
>>> signatures, but signature footer lines). As you point out yourself, the
>>> OpenPGP signature is only valid if there are no spaces at the end of all
>>> lines, which is exactly not the case for "-- " signatures.
> 
>> Please turn back your work for Bug#:18361.
>> This problem be no concern with "-- ".
> 
> 
>>> OpenPGP requires that spaces at the end of lines are either removed or
>>> "escaped" using quoted-printable, or the text is completely base64-encoded.
> 
>> iso-2022-jp is 7bit, have no occasion to quoted-printable.
>> put a stop to 8bit request, it is The nerve!
>> because some japanese MUA is no appreciate quoted-printable.
> 
> I understood this. The problem is that your proposed patch is affecting
> any type of character sets, not only iso-2022-jp. So if you propose a
> patch that is specific to iso-2022-jp we can discuss about integrating it.

Okay, here is a revised patch that doesn't affect any charsets except
for ISO-2022-JP.
I gave up ISO-2022-JP 7bit in PGP/MIME.

1. not to change ISO-2022-JP to UTF-8 in PGP/MIME.
2. in case of clear-signed message by ISO-2022-JP, not to force 8bit or
quoted-printable, but 7bit.

I checked this patch in case of ISO-8859-1, Shift_JIS (8bit), and
ISO-2022-JP (7bit) and it worked well.

>> at PGP/MIME encrypt, charset in Content-Type header is make equal to
>> Charset header in Armor Header Keys.
>> because other japanese MUA dependent charset in Content-Type header.
> 
> right, but even then I cannot accept a patch that affects all other
> character sets :-(

I agreed kiyo.
Content-Type header in Armor Header Keys is helpful not only for other
MUAs but also for humans who will decrypt messages manually by gpg.

- -- 
Kosuke Kaizuka <cai.0407 at gmail.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iF4EAREIAAYFAkqvty4ACgkQa+goYNi1URIaTgD/XVF0vKiIrtwClRp5gPQWEk8q
upraWWP3pEE1GE6AULMA/2JXS8lR3+xr+barBFZi9DtKKYpRtpEp98mG0vFCMPBU
=60Xj
-----END PGP SIGNATURE-----
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: enigmailMsgComposeOverlay_1.187_rev.js.patch
URL: <http://www.mozdev.org/pipermail/enigmail/attachments/20090916/9fb9d68c/attachment.ksh>
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: enigmailMsgComposeOverlay_1.186.2.1_rev.patch
URL: <http://www.mozdev.org/pipermail/enigmail/attachments/20090916/9fb9d68c/attachment-0001.ksh>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: enigmailMsgComposeOverlay_1.187_rev.js.patch.sig
Type: application/octet-stream
Size: 96 bytes
Desc: not available
URL: <http://www.mozdev.org/pipermail/enigmail/attachments/20090916/9fb9d68c/attachment.obj>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: enigmailMsgComposeOverlay_1.186.2.1_rev.patch.sig
Type: application/octet-stream
Size: 96 bytes
Desc: not available
URL: <http://www.mozdev.org/pipermail/enigmail/attachments/20090916/9fb9d68c/attachment-0001.obj>

From kyshk at bc.iij4u.or.jp  Tue Sep 15 22:29:09 2009
From: kyshk at bc.iij4u.or.jp (kyshk at bc.iij4u.or.jp)
Date: Wed, 16 Sep 2009 14:29:09 +0900
Subject: [Enigmail] Problem of 7bit characters (epecially ISO-2022-JP)
In-Reply-To: <4AAF56B5.3040504@mozilla-enigmail.org>
References: <4AAE2E8C.8000600@gmail.com>	<4AAE4CCB.1000601@mozilla-enigmail.org>	<4AAE61C2.30504@bc.iij4u.or.jp>
	<4AAF56B5.3040504@mozilla-enigmail.org>
Message-ID: <4AB077A5.1050204@bc.iij4u.or.jp>

Hi!

At Tue Sep 15 2009 17:56:21 GMT+0900,
Patrick Brunschwig <patrick at mozilla-enigmail.org> wrote:
>> iso-2022-jp is 7bit, have no occasion to quoted-printable.
>> put a stop to 8bit request, it is The nerve!
>> because some japanese MUA is no appreciate quoted-printable.
> 
> I understood this. The problem is that your proposed patch is affecting
> any type of character sets, not only iso-2022-jp. So if you propose a
> patch that is specific to iso-2022-jp we can discuss about integrating it.

this is updated by Kosuke's revised patch.
have confirmation of other charset.

but He said "gave up ISO-2022-JP 7bit in PGP/MIME".
we can't cancel the quoted-printable.


>> at PGP/MIME encrypt, charset in Content-Type header is make equal to
>> Charset header in Armor Header Keys.
>> because other japanese MUA dependent charset in Content-Type header.
> 
> right, but even then I cannot accept a patch that affects all other
> character sets :-(

at line:1623 in enigmailMsgComposeOverlay.js
     if ( (sendInfo.sendFlags & ENIG_ENCRYPT) && charset &&
          (charset.search(/^us-ascii$/i) != 0) ) {
       // Add Charset armor header for encrypted blocks
       cipherText = cipherText.replace(/(-----BEGIN PGP MESSAGE-----
*)(\r?\n)/, "$1$2Charset: "+charset+"$2");
     }
this code is insert Charset, but it is non PGP/MIME.
same code in PGP/MIME not OK?
Charset is no needs other character sets user ?

--
kiyo

From patrick at mozilla-enigmail.org  Tue Sep 15 23:45:29 2009
From: patrick at mozilla-enigmail.org (Patrick Brunschwig)
Date: Wed, 16 Sep 2009 08:45:29 +0200
Subject: [Enigmail] Problem of 7bit characters (epecially ISO-2022-JP)
In-Reply-To: <4AB077A5.1050204@bc.iij4u.or.jp>
References: <4AAE2E8C.8000600@gmail.com>	<4AAE4CCB.1000601@mozilla-enigmail.org>	<4AAE61C2.30504@bc.iij4u.or.jp>	<4AAF56B5.3040504@mozilla-enigmail.org>
	<4AB077A5.1050204@bc.iij4u.or.jp>
Message-ID: <4AB08989.5020802@mozilla-enigmail.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

kyshk at bc.iij4u.or.jp wrote:
> Hi!
> 
> At Tue Sep 15 2009 17:56:21 GMT+0900,
> Patrick Brunschwig <patrick at mozilla-enigmail.org> wrote:
>>> iso-2022-jp is 7bit, have no occasion to quoted-printable.
>>> put a stop to 8bit request, it is The nerve!
>>> because some japanese MUA is no appreciate quoted-printable.
>> I understood this. The problem is that your proposed patch is affecting
>> any type of character sets, not only iso-2022-jp. So if you propose a
>> patch that is specific to iso-2022-jp we can discuss about integrating it.
> 
> this is updated by Kosuke's revised patch.
> have confirmation of other charset.
> 
> but He said "gave up ISO-2022-JP 7bit in PGP/MIME".
> we can't cancel the quoted-printable.
> 
> 
>>> at PGP/MIME encrypt, charset in Content-Type header is make equal to
>>> Charset header in Armor Header Keys.
>>> because other japanese MUA dependent charset in Content-Type header.
>> right, but even then I cannot accept a patch that affects all other
>> character sets :-(
> 
> at line:1623 in enigmailMsgComposeOverlay.js
>      if ( (sendInfo.sendFlags & ENIG_ENCRYPT) && charset &&
>           (charset.search(/^us-ascii$/i) != 0) ) {
>        // Add Charset armor header for encrypted blocks
>        cipherText = cipherText.replace(/(-----BEGIN PGP MESSAGE-----
> *)(\r?\n)/, "$1$2Charset: "+charset+"$2");
>      }
> this code is insert Charset, but it is non PGP/MIME.
> same code in PGP/MIME not OK?
> Charset is no needs other character sets user ?

The code you are looking at is only for inline-PGP. The PGP/MIME code is
somewhere quite different. In any case for PGP/MIME, the charset is in
the message content. The message content is an encrypted MIME part
following RFC 822, which can contain multiple sub-parts. Therefore any
charset would be wrong by definition.

- -Patrick
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.12 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQEVAwUBSrCJiHcOpHodsOiwAQhtzwf/ZXhw5YVaAUwx1XsEtlJCN/6EQ8UQ9xzm
wNZXrMkJ0VCp9kJEIHJHeg5OBO+pW7PzFlUfQuDopX/TpCO9j9l1vj4gvDa5XDX6
lmR1W7ZlbZe1SY/xmtIfHQtzfCpOyG5y5ePVjP6v8nmNnMXmi83FDQJhJ+lJVcAI
WLMqw0gVs1owKxwyvVwL3KoKbOzuQCJZWTlyZ9eS6IKG5IAYKLwhDel8uowclDNU
rV1UHePwarqpRmRRx/QofReXs4WdqfSbdt7nMfRzi5NVSrwtg7O1EAxAPWwftMnZ
NfklgdTXMRYq+ucscD2p/jFqvevnEpy5AVXQuafbcjt2CeRFBF5Fzw==
=U4eO
-----END PGP SIGNATURE-----

From kyshk at bc.iij4u.or.jp  Wed Sep 16 00:17:49 2009
From: kyshk at bc.iij4u.or.jp (kyshk at bc.iij4u.or.jp)
Date: Wed, 16 Sep 2009 16:17:49 +0900
Subject: [Enigmail] Problem of 7bit characters (epecially ISO-2022-JP)
In-Reply-To: <4AB08989.5020802@mozilla-enigmail.org>
References: <4AAE2E8C.8000600@gmail.com>	<4AAE4CCB.1000601@mozilla-enigmail.org>	<4AAE61C2.30504@bc.iij4u.or.jp>	<4AAF56B5.3040504@mozilla-enigmail.org>	<4AB077A5.1050204@bc.iij4u.or.jp>
	<4AB08989.5020802@mozilla-enigmail.org>
Message-ID: <4AB0911D.4040904@bc.iij4u.or.jp>

At Wed Sep 16 2009 15:45:29 GMT+0900,
Patrick Brunschwig <patrick at mozilla-enigmail.org> wrote:
> kyshk at bc.iij4u.or.jp wrote:
>> Hi!
> 
>> At Tue Sep 15 2009 17:56:21 GMT+0900,
>> Patrick Brunschwig <patrick at mozilla-enigmail.org> wrote:
>>>> iso-2022-jp is 7bit, have no occasion to quoted-printable.
>>>> put a stop to 8bit request, it is The nerve!
>>>> because some japanese MUA is no appreciate quoted-printable.
>>> I understood this. The problem is that your proposed patch is affecting
>>> any type of character sets, not only iso-2022-jp. So if you propose a
>>> patch that is specific to iso-2022-jp we can discuss about integrating it.
> 
>> this is updated by Kosuke's revised patch.
>> have confirmation of other charset.
> 
>> but He said "gave up ISO-2022-JP 7bit in PGP/MIME".
>> we can't cancel the quoted-printable.
> 
> 
>>>> at PGP/MIME encrypt, charset in Content-Type header is make equal to
>>>> Charset header in Armor Header Keys.
>>>> because other japanese MUA dependent charset in Content-Type header.
>>> right, but even then I cannot accept a patch that affects all other
>>> character sets :-(
> 
>> at line:1623 in enigmailMsgComposeOverlay.js
>>      if ( (sendInfo.sendFlags & ENIG_ENCRYPT) && charset &&
>>           (charset.search(/^us-ascii$/i) != 0) ) {
>>        // Add Charset armor header for encrypted blocks
>>        cipherText = cipherText.replace(/(-----BEGIN PGP MESSAGE-----
>> *)(\r?\n)/, "$1$2Charset: "+charset+"$2");
>>      }
>> this code is insert Charset, but it is non PGP/MIME.
>> same code in PGP/MIME not OK?
>> Charset is no needs other character sets user ?
> 
> The code you are looking at is only for inline-PGP. The PGP/MIME code is
> somewhere quite different. In any case for PGP/MIME, the charset is in
> the message content. The message content is an encrypted MIME part
> following RFC 822, which can contain multiple sub-parts. Therefore any
> charset would be wrong by definition.

OK, skip over difficult parts.
1. cancel the quoted-printable.
2. Charset header in Armor Header Keys.

any more important than the others. please accept Kosuke's revised patch.
Please! I appreciate it.

--
kiyo

From patrick at mozilla-enigmail.org  Wed Sep 16 00:50:40 2009
From: patrick at mozilla-enigmail.org (Patrick Brunschwig)
Date: Wed, 16 Sep 2009 09:50:40 +0200
Subject: [Enigmail] Problem of 7bit characters (epecially ISO-2022-JP)
In-Reply-To: <4AB0911D.4040904@bc.iij4u.or.jp>
References: <4AAE2E8C.8000600@gmail.com>	<4AAE4CCB.1000601@mozilla-enigmail.org>	<4AAE61C2.30504@bc.iij4u.or.jp>	<4AAF56B5.3040504@mozilla-enigmail.org>	<4AB077A5.1050204@bc.iij4u.or.jp>	<4AB08989.5020802@mozilla-enigmail.org>
	<4AB0911D.4040904@bc.iij4u.or.jp>
Message-ID: <4AB098D0.1040103@mozilla-enigmail.org>

kyshk at bc.iij4u.or.jp wrote:
> At Wed Sep 16 2009 15:45:29 GMT+0900,
> Patrick Brunschwig <patrick at mozilla-enigmail.org> wrote:
[...]
> 
> OK, skip over difficult parts.
> 1. cancel the quoted-printable.
> 2. Charset header in Armor Header Keys.
> 
> any more important than the others. please accept Kosuke's revised patch.
> Please! I appreciate it.

Well let's see :-) I have applied the patch, and I'm sending this
message as PGP/MIME-signed message with ISO-2022-JP encoding. To be sure
that it's really Japanese, I'm including a Japanese character (no idea
what it means ;-): ?.

As you will find out, the signature of this message is invalid because
it violates RFC 4880.

-- 
Patrick
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 553 bytes
Desc: OpenPGP digital signature
URL: <http://www.mozdev.org/pipermail/enigmail/attachments/20090916/b4f49db7/attachment.bin>

From cai.0407 at gmail.com  Wed Sep 16 01:42:26 2009
From: cai.0407 at gmail.com (Kosuke Kaizuka)
Date: Wed, 16 Sep 2009 17:42:26 +0900
Subject: [Enigmail] Problem of 7bit characters (epecially ISO-2022-JP)
In-Reply-To: <4AB098D0.1040103@mozilla-enigmail.org>
References: <4AAE2E8C.8000600@gmail.com>	<4AAE4CCB.1000601@mozilla-enigmail.org>	<4AAE61C2.30504@bc.iij4u.or.jp>	<4AAF56B5.3040504@mozilla-enigmail.org>	<4AB077A5.1050204@bc.iij4u.or.jp>	<4AB08989.5020802@mozilla-enigmail.org>	<4AB0911D.4040904@bc.iij4u.or.jp>
	<4AB098D0.1040103@mozilla-enigmail.org>
Message-ID: <4AB0A4F2.4000305@gmail.com>

Hi, Patrick

Patrick Brunschwig wrote:
> Well let's see :-) I have applied the patch, and I'm sending this
> message as PGP/MIME-signed message with ISO-2022-JP encoding. To be sure
> that it's really Japanese, I'm including a Japanese character (no idea
> what it means ;-): ?.
> 
> As you will find out, the signature of this message is invalid because
> it violates RFC 4880.

I have applied my patch for enigmail trunk 20090915-0557 and sending
this message as PGP/MIME-signed message with ISO-2022-JP.

I include ISO-2022-JP characters.
??????????

My patch doesn't set Content-Transfer-Encoding of PGP/MIME to 7bit, but
quoted-printable.
So, message doesn't violate RFC 4880 evenif line end space and signature
should be valid.
Actually, I and some Japanese users have tested my patch, and confirmed
that Content-Transfer-Encoding of PGP/MIME-sign message with ISO-2022-JP
encoding were quoted-printable, not 7bit.

If you need, I will send you sample message directly.

-- 
Kosuke Kaizuka <cai.0407 at gmail.com>

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 292 bytes
Desc: OpenPGP digital signature
URL: <http://www.mozdev.org/pipermail/enigmail/attachments/20090916/3d2070df/attachment.bin>

From kyshk at bc.iij4u.or.jp  Wed Sep 16 02:03:04 2009
From: kyshk at bc.iij4u.or.jp (kyshk at bc.iij4u.or.jp)
Date: Wed, 16 Sep 2009 18:03:04 +0900
Subject: [Enigmail] Problem of 7bit characters (epecially ISO-2022-JP)
In-Reply-To: <4AB098D0.1040103@mozilla-enigmail.org>
References: <4AAE2E8C.8000600@gmail.com>	<4AAE4CCB.1000601@mozilla-enigmail.org>	<4AAE61C2.30504@bc.iij4u.or.jp>	<4AAF56B5.3040504@mozilla-enigmail.org>	<4AB077A5.1050204@bc.iij4u.or.jp>	<4AB08989.5020802@mozilla-enigmail.org>	<4AB0911D.4040904@bc.iij4u.or.jp>
	<4AB098D0.1040103@mozilla-enigmail.org>
Message-ID: <4AB0A9C8.3030608@bc.iij4u.or.jp>

At Wed Sep 16 2009 16:50:40 GMT+0900,
Patrick Brunschwig <patrick at mozilla-enigmail.org> wrote:
> kyshk at bc.iij4u.or.jp wrote:
>> At Wed Sep 16 2009 15:45:29 GMT+0900,
>> Patrick Brunschwig <patrick at mozilla-enigmail.org> wrote:
> [...]
>>
>> OK, skip over difficult parts.
>> 1. cancel the quoted-printable.
>> 2. Charset header in Armor Header Keys.
>>
>> any more important than the others. please accept Kosuke's revised patch.
>> Please! I appreciate it.
> 
> Well let's see :-) I have applied the patch, and I'm sending this
> message as PGP/MIME-signed message with ISO-2022-JP encoding. To be sure
> that it's really Japanese, I'm including a Japanese character (no idea
> what it means ;-): ?.
> <----------------------------------------------------------[[ end line space]]
> As you will find out, the signature of this message is invalid because
> it violates RFC 4880.

Thanks,
I checked your message.

> Content-Type: text/plain; charset=ISO-2022-JP
> Content-Transfer-Encoding: 7bit
but, why 7bit?
you work to aid cancel the quoted-printable?

and,
this message is bad signature in RFC4880,
because message has end line space.

good japanese signed message is
use --rfc2440 or delete all end line space.

--
kiyo

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 196 bytes
Desc: OpenPGP digital signature
URL: <http://www.mozdev.org/pipermail/enigmail/attachments/20090916/6800d8df/attachment.bin>

From patrick at mozilla-enigmail.org  Wed Sep 16 02:21:42 2009
From: patrick at mozilla-enigmail.org (Patrick Brunschwig)
Date: Wed, 16 Sep 2009 11:21:42 +0200
Subject: [Enigmail] Problem of 7bit characters (epecially ISO-2022-JP)
In-Reply-To: <4AB0A9C8.3030608@bc.iij4u.or.jp>
References: <4AAE2E8C.8000600@gmail.com>	<4AAE4CCB.1000601@mozilla-enigmail.org>	<4AAE61C2.30504@bc.iij4u.or.jp>	<4AAF56B5.3040504@mozilla-enigmail.org>	<4AB077A5.1050204@bc.iij4u.or.jp>	<4AB08989.5020802@mozilla-enigmail.org>	<4AB0911D.4040904@bc.iij4u.or.jp>	<4AB098D0.1040103@mozilla-enigmail.org>
	<4AB0A9C8.3030608@bc.iij4u.or.jp>
Message-ID: <4AB0AE26.9070008@mozilla-enigmail.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

kyshk at bc.iij4u.or.jp wrote:
> At Wed Sep 16 2009 16:50:40 GMT+0900,
> Patrick Brunschwig <patrick at mozilla-enigmail.org> wrote:
>> kyshk at bc.iij4u.or.jp wrote:
>>> At Wed Sep 16 2009 15:45:29 GMT+0900,
>>> Patrick Brunschwig <patrick at mozilla-enigmail.org> wrote:
>> [...]
>>> OK, skip over difficult parts.
>>> 1. cancel the quoted-printable.
>>> 2. Charset header in Armor Header Keys.
>>>
>>> any more important than the others. please accept Kosuke's revised patch.
>>> Please! I appreciate it.
>> Well let's see :-) I have applied the patch, and I'm sending this
>> message as PGP/MIME-signed message with ISO-2022-JP encoding. To be sure
>> that it's really Japanese, I'm including a Japanese character (no idea
>> what it means ;-): ?.
>> <----------------------------------------------------------[[ end line space]]
>> As you will find out, the signature of this message is invalid because
>> it violates RFC 4880.
> 
> Thanks,
> I checked your message.
> 
>> Content-Type: text/plain; charset=ISO-2022-JP
>> Content-Transfer-Encoding: 7bit
> but, why 7bit?
> you work to aid cancel the quoted-printable?
> 
> and,
> this message is bad signature in RFC4880,
> because message has end line space.
> 
> good japanese signed message is
> use --rfc2440 or delete all end line space.

right! I think the patch was made for TB3 (which is what Kosuke
confirmed), and then backported to TB2. But TB2 behaves differently ...

- -Patrick

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.12 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQEVAwUBSrCuJHcOpHodsOiwAQjgkAf/Y4b6w5/itLeNaNsgJS5w7N4ZSokWWFJP
K4oohFdG44i9fc6SNaOJ/Phc3OrgSTqIZgkLARJpJPXYPbpKnLNPPWrG/BVYyjJi
MBBeqkzA/oa73+pbDWFVg7tCaV/eSzYg6v0V96Rt6GcfmvH8odT0QyD8u6rH+lXP
sWxnCvi0jhgAzM7S/1LAAl7AEv6XMXSJ3L4y75zzFrDpg2e4CiBppWK9m5kRyRUF
TwTk6d68rlND8LJMuQKbbASlDRASsw5WpbD1qODXHHvTCGh+X6C4azKvX6mYVce1
8SGugr2n8q1GdWrkXTpjZ3Xb0UN+E3OvRLhe1iQMqo6IElv0+4ZWlQ==
=rMLw
-----END PGP SIGNATURE-----

From cai.0407 at gmail.com  Wed Sep 16 02:36:19 2009
From: cai.0407 at gmail.com (Kosuke Kaizuka)
Date: Wed, 16 Sep 2009 18:36:19 +0900
Subject: [Enigmail] Problem of 7bit characters (epecially ISO-2022-JP)
In-Reply-To: <4AB0AE26.9070008@mozilla-enigmail.org>
References: <4AAE2E8C.8000600@gmail.com>	<4AAE4CCB.1000601@mozilla-enigmail.org>	<4AAE61C2.30504@bc.iij4u.or.jp>	<4AAF56B5.3040504@mozilla-enigmail.org>	<4AB077A5.1050204@bc.iij4u.or.jp>	<4AB08989.5020802@mozilla-enigmail.org>	<4AB0911D.4040904@bc.iij4u.or.jp>	<4AB098D0.1040103@mozilla-enigmail.org>	<4AB0A9C8.3030608@bc.iij4u.or.jp>
	<4AB0AE26.9070008@mozilla-enigmail.org>
Message-ID: <4AB0B193.2070906@gmail.com>


On 2009/09/16 18:21, Patrick Brunschwig wrote:
> right! I think the patch was made for TB3 (which is what Kosuke
> confirmed), and then backported to TB2. But TB2 behaves differently ...

Oh! Sorry for no mention about that.

I have confirmed my patch for combination of Tb3b3 and Enigmail trunk
nightly, and simply backported to Enigmail 0.96, but haven't confirmed
for Tb2.

With my patch, situation of Tb2 and Enigmail goes back to that before I
reported bug 18361...
For Tb2, --rfc2440 gpg option makes valid signature of PGP/MIME-signed
message with ISO-2022-JP 7bit.

-- 
Kosuke Kaizuka <cai.0407 at gmail.com>

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 292 bytes
Desc: OpenPGP digital signature
URL: <http://www.mozdev.org/pipermail/enigmail/attachments/20090916/ba7b6dde/attachment.bin>

From kyshk at bc.iij4u.or.jp  Wed Sep 16 04:20:14 2009
From: kyshk at bc.iij4u.or.jp (kyshk at bc.iij4u.or.jp)
Date: Wed, 16 Sep 2009 20:20:14 +0900
Subject: [Enigmail] Problem of 7bit characters (epecially ISO-2022-JP)
In-Reply-To: <4AB0AE26.9070008@mozilla-enigmail.org>
References: <4AAE2E8C.8000600@gmail.com>	<4AAE4CCB.1000601@mozilla-enigmail.org>	<4AAE61C2.30504@bc.iij4u.or.jp>	<4AAF56B5.3040504@mozilla-enigmail.org>	<4AB077A5.1050204@bc.iij4u.or.jp>	<4AB08989.5020802@mozilla-enigmail.org>	<4AB0911D.4040904@bc.iij4u.or.jp>	<4AB098D0.1040103@mozilla-enigmail.org>	<4AB0A9C8.3030608@bc.iij4u.or.jp>
	<4AB0AE26.9070008@mozilla-enigmail.org>
Message-ID: <4AB0C9EE.40201@bc.iij4u.or.jp>

At Wed Sep 16 2009 18:21:42 GMT+0900,
Patrick Brunschwig <patrick at mozilla-enigmail.org> wrote:
> right! I think the patch was made for TB3 (which is what Kosuke
> confirmed), and then backported to TB2. But TB2 behaves differently ...

Oh, you used TB2.
I see.

--
kiyo

From patrick at mozilla-enigmail.org  Wed Sep 16 04:33:54 2009
From: patrick at mozilla-enigmail.org (Patrick Brunschwig)
Date: Wed, 16 Sep 2009 13:33:54 +0200
Subject: [Enigmail] Problem of 7bit characters (epecially ISO-2022-JP)
In-Reply-To: <4AB0B193.2070906@gmail.com>
References: <4AAE2E8C.8000600@gmail.com>	<4AAE4CCB.1000601@mozilla-enigmail.org>	<4AAE61C2.30504@bc.iij4u.or.jp>	<4AAF56B5.3040504@mozilla-enigmail.org>	<4AB077A5.1050204@bc.iij4u.or.jp>	<4AB08989.5020802@mozilla-enigmail.org>	<4AB0911D.4040904@bc.iij4u.or.jp>	<4AB098D0.1040103@mozilla-enigmail.org>	<4AB0A9C8.3030608@bc.iij4u.or.jp>	<4AB0AE26.9070008@mozilla-enigmail.org>
	<4AB0B193.2070906@gmail.com>
Message-ID: <4AB0CD22.7070300@mozilla-enigmail.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Kosuke Kaizuka wrote:
> On 2009/09/16 18:21, Patrick Brunschwig wrote:
>> right! I think the patch was made for TB3 (which is what Kosuke
>> confirmed), and then backported to TB2. But TB2 behaves differently ...
> 
> Oh! Sorry for no mention about that.
> 
> I have confirmed my patch for combination of Tb3b3 and Enigmail trunk
> nightly, and simply backported to Enigmail 0.96, but haven't confirmed
> for Tb2.
> 
> With my patch, situation of Tb2 and Enigmail goes back to that before I
> reported bug 18361...
> For Tb2, --rfc2440 gpg option makes valid signature of PGP/MIME-signed
> message with ISO-2022-JP 7bit.

So, this brings us back to the original issue: there is a bug in TB2
which prevents Enigmail from producing valid OpenPGP signatures with
ISO-2022-JP. The resolutions are to either convert the message to UTF-8
or to use --rfc2440.

The only change I made in Enigmail v0.96.0 compared to v0.95.7 is that
Enigmail doesn't ask anymore, but just converts the message to UTF-8. If
you prefer, I can re-enable the question and thus allow users to specify
a gpg-option --rfc2440. But any patch you provide is bound to fail
because TB2 would never use quoted-printable with ISO-2022-JP.

- -Patrick
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.12 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQEVAwUBSrDNGXcOpHodsOiwAQjQ/wf6Ao4oOIuk8lWp4iTL/AbSQXqp1RmGbjtQ
Na2jPJYocToFmk7+p5BGP9Y6RBrVVF2Qs3u3mK1jS+VJGWTR1RcamfTALkCIaL09
em7a656WI13BxjhllJvbvUfyaLyjiK3U7v7nkp+/jTrLxNm/UaKPP6bFWYdH3tpc
wSHL6zU2a3D/alBqDgV1oq3VD4T0WCN/uMrpbEMWNrUdBdMYD/m3GreJDLvwb+je
a74JuCrrTVXxos++KXf6LH66BLpl/VXn3l9USvv0SZf+6h+TvvQoXc4rfcj4O896
wIV/kBN1KOZRKuESfpw9UWpq35+tB0IXXi+9Ky6vPe9eJAyJxA+Ofg==
=vNfC
-----END PGP SIGNATURE-----

From cai.0407 at gmail.com  Wed Sep 16 05:17:36 2009
From: cai.0407 at gmail.com (Kosuke Kaizuka)
Date: Wed, 16 Sep 2009 21:17:36 +0900
Subject: [Enigmail] Problem of 7bit characters (epecially ISO-2022-JP)
In-Reply-To: <4AB0CD22.7070300@mozilla-enigmail.org>
References: <4AAE2E8C.8000600@gmail.com>	<4AAE4CCB.1000601@mozilla-enigmail.org>	<4AAE61C2.30504@bc.iij4u.or.jp>	<4AAF56B5.3040504@mozilla-enigmail.org>	<4AB077A5.1050204@bc.iij4u.or.jp>	<4AB08989.5020802@mozilla-enigmail.org>	<4AB0911D.4040904@bc.iij4u.or.jp>	<4AB098D0.1040103@mozilla-enigmail.org>	<4AB0A9C8.3030608@bc.iij4u.or.jp>	<4AB0AE26.9070008@mozilla-enigmail.org>	<4AB0B193.2070906@gmail.com>
	<4AB0CD22.7070300@mozilla-enigmail.org>
Message-ID: <4AB0D760.6090602@gmail.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

On 2009/09/16 20:33, Patrick Brunschwig wrote:
> Kosuke Kaizuka wrote:
>> On 2009/09/16 18:21, Patrick Brunschwig wrote:
>>> right! I think the patch was made for TB3 (which is what Kosuke
>>> confirmed), and then backported to TB2. But TB2 behaves differently ...
> 
>> Oh! Sorry for no mention about that.
> 
>> I have confirmed my patch for combination of Tb3b3 and Enigmail trunk
>> nightly, and simply backported to Enigmail 0.96, but haven't confirmed
>> for Tb2.
> 
>> With my patch, situation of Tb2 and Enigmail goes back to that before I
>> reported bug 18361...
>> For Tb2, --rfc2440 gpg option makes valid signature of PGP/MIME-signed
>> message with ISO-2022-JP 7bit.
> 
> So, this brings us back to the original issue: there is a bug in TB2
> which prevents Enigmail from producing valid OpenPGP signatures with
> ISO-2022-JP. The resolutions are to either convert the message to UTF-8
> or to use --rfc2440.

That's right.

> The only change I made in Enigmail v0.96.0 compared to v0.95.7 is that
> Enigmail doesn't ask anymore, but just converts the message to UTF-8. If
> you prefer, I can re-enable the question and thus allow users to specify
> a gpg-option --rfc2440. But any patch you provide is bound to fail
> because TB2 would never use quoted-printable with ISO-2022-JP.

Users can select below, right?
1. keep encoding ISO-2022-JP 7bit and specify a gpg option --rfc2440
2. convert encoding to UTF-8 quoted-printable

It's very good solution for TB2 users.  In my feeling, radio button type
dialog seems to be better than yes/no type dialog.
In 0.95.7, question message was hard-coded in
enigmailMsgComposeOverlay.js and couldn't be localized.  Please put
these strings in enigmail.dtd or .propeties.

- -- 
Kosuke Kaizuka <cai.0407 at gmail.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iF4EAREIAAYFAkqw118ACgkQa+goYNi1URJk/QD8CqLvwCJLDIqF7R6cVGLBO0Qo
ymqplRX+yuJdEanTEtwA/21UVRtufyXz5hguzTi5xpPpP/nEFcBw8DSWnzWbNgrh
=woqF
-----END PGP SIGNATURE-----

From patrick at mozilla-enigmail.org  Wed Sep 16 07:36:05 2009
From: patrick at mozilla-enigmail.org (Patrick Brunschwig)
Date: Wed, 16 Sep 2009 16:36:05 +0200
Subject: [Enigmail] Problem of 7bit characters (epecially ISO-2022-JP)
In-Reply-To: <4AB0D760.6090602@gmail.com>
References: <4AAE2E8C.8000600@gmail.com>	<4AAE4CCB.1000601@mozilla-enigmail.org>	<4AAE61C2.30504@bc.iij4u.or.jp>	<4AAF56B5.3040504@mozilla-enigmail.org>	<4AB077A5.1050204@bc.iij4u.or.jp>	<4AB08989.5020802@mozilla-enigmail.org>	<4AB0911D.4040904@bc.iij4u.or.jp>	<4AB098D0.1040103@mozilla-enigmail.org>	<4AB0A9C8.3030608@bc.iij4u.or.jp>	<4AB0AE26.9070008@mozilla-enigmail.org>	<4AB0B193.2070906@gmail.com>	<4AB0CD22.7070300@mozilla-enigmail.org>
	<4AB0D760.6090602@gmail.com>
Message-ID: <4AB0F7D5.6060003@mozilla-enigmail.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Kosuke Kaizuka wrote:
> On 2009/09/16 20:33, Patrick Brunschwig wrote:
>> Kosuke Kaizuka wrote:
>>> On 2009/09/16 18:21, Patrick Brunschwig wrote:
>>>> right! I think the patch was made for TB3 (which is what Kosuke
>>>> confirmed), and then backported to TB2. But TB2 behaves differently ...
>>> Oh! Sorry for no mention about that.
>>> I have confirmed my patch for combination of Tb3b3 and Enigmail trunk
>>> nightly, and simply backported to Enigmail 0.96, but haven't confirmed
>>> for Tb2.
>>> With my patch, situation of Tb2 and Enigmail goes back to that before I
>>> reported bug 18361...
>>> For Tb2, --rfc2440 gpg option makes valid signature of PGP/MIME-signed
>>> message with ISO-2022-JP 7bit.
>> So, this brings us back to the original issue: there is a bug in TB2
>> which prevents Enigmail from producing valid OpenPGP signatures with
>> ISO-2022-JP. The resolutions are to either convert the message to UTF-8
>> or to use --rfc2440.
> 
> That's right.
> 
>> The only change I made in Enigmail v0.96.0 compared to v0.95.7 is that
>> Enigmail doesn't ask anymore, but just converts the message to UTF-8. If
>> you prefer, I can re-enable the question and thus allow users to specify
>> a gpg-option --rfc2440. But any patch you provide is bound to fail
>> because TB2 would never use quoted-printable with ISO-2022-JP.
> 
> Users can select below, right?
> 1. keep encoding ISO-2022-JP 7bit and specify a gpg option --rfc2440
> 2. convert encoding to UTF-8 quoted-printable

yes.

> It's very good solution for TB2 users.  In my feeling, radio button type
> dialog seems to be better than yes/no type dialog.
> In 0.95.7, question message was hard-coded in
> enigmailMsgComposeOverlay.js and couldn't be localized.  Please put
> these strings in enigmail.dtd or .propeties.

The problem is that this would require localization updates, which I try
to avoid for minor upgrades.

- -Patrick

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.12 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQEVAwUBSrD31HcOpHodsOiwAQgECQgApIa2WEvNrldQ++TQskPXw6z4l2dqU1Pu
ACB9crcTqEkXUCvBs5m13BorPcG7YGWRjalnkUBHrfRh4xH/t4hU1ejigt/necHC
cG0sPsuN/XuCpl60BiT5qjkVq4TdTqmIGOtWg+HPPHdvNEqtMA0/QAovfJTn+7f2
TzE1NAc6BkM5PybozK4RWS+GJrvLnwgWgpYv6mXS4oYfZp8Ee/JvAPlNvNulyPyM
fANxRkru1qEccLOVDh5qTiWwa/EAh1LcIsr5UAh5Gs4yGeU5QEtaC0E60g67m3kQ
e+aneK/F3OG/U36PAInepOUTdVSHdnFEoOkW+puLPnICdVyFoHVXhw==
=KfDx
-----END PGP SIGNATURE-----

From cai.0407 at gmail.com  Wed Sep 16 20:47:43 2009
From: cai.0407 at gmail.com (Kosuke Kaizuka)
Date: Thu, 17 Sep 2009 12:47:43 +0900
Subject: [Enigmail] Problem of 7bit characters (epecially ISO-2022-JP)
In-Reply-To: <4AB0F7D5.6060003@mozilla-enigmail.org>
References: <4AAE2E8C.8000600@gmail.com>	<4AAE4CCB.1000601@mozilla-enigmail.org>	<4AAE61C2.30504@bc.iij4u.or.jp>	<4AAF56B5.3040504@mozilla-enigmail.org>	<4AB077A5.1050204@bc.iij4u.or.jp>	<4AB08989.5020802@mozilla-enigmail.org>	<4AB0911D.4040904@bc.iij4u.or.jp>	<4AB098D0.1040103@mozilla-enigmail.org>	<4AB0A9C8.3030608@bc.iij4u.or.jp>	<4AB0AE26.9070008@mozilla-enigmail.org>	<4AB0B193.2070906@gmail.com>	<4AB0CD22.7070300@mozilla-enigmail.org>	<4AB0D760.6090602@gmail.com>
	<4AB0F7D5.6060003@mozilla-enigmail.org>
Message-ID: <4AB1B15F.4050600@gmail.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

On 2009/09/16 23:36, Patrick Brunschwig wrote:
> Kosuke Kaizuka wrote:
>> On 2009/09/16 20:33, Patrick Brunschwig wrote:
>>> Kosuke Kaizuka wrote:
>>>> On 2009/09/16 18:21, Patrick Brunschwig wrote:
>>>>> right! I think the patch was made for TB3 (which is what Kosuke
>>>>> confirmed), and then backported to TB2. But TB2 behaves differently ...
>>>> Oh! Sorry for no mention about that.
>>>> I have confirmed my patch for combination of Tb3b3 and Enigmail trunk
>>>> nightly, and simply backported to Enigmail 0.96, but haven't confirmed
>>>> for Tb2.
>>>> With my patch, situation of Tb2 and Enigmail goes back to that before I
>>>> reported bug 18361...
>>>> For Tb2, --rfc2440 gpg option makes valid signature of PGP/MIME-signed
>>>> message with ISO-2022-JP 7bit.
>>> So, this brings us back to the original issue: there is a bug in TB2
>>> which prevents Enigmail from producing valid OpenPGP signatures with
>>> ISO-2022-JP. The resolutions are to either convert the message to UTF-8
>>> or to use --rfc2440.
> 
>> That's right.
> 
>>> The only change I made in Enigmail v0.96.0 compared to v0.95.7 is that
>>> Enigmail doesn't ask anymore, but just converts the message to UTF-8. If
>>> you prefer, I can re-enable the question and thus allow users to specify
>>> a gpg-option --rfc2440. But any patch you provide is bound to fail
>>> because TB2 would never use quoted-printable with ISO-2022-JP.
> 
>> Users can select below, right?
>> 1. keep encoding ISO-2022-JP 7bit and specify a gpg option --rfc2440
>> 2. convert encoding to UTF-8 quoted-printable
> 
> yes.
> 
>> It's very good solution for TB2 users.  In my feeling, radio button type
>> dialog seems to be better than yes/no type dialog.
>> In 0.95.7, question message was hard-coded in
>> enigmailMsgComposeOverlay.js and couldn't be localized.  Please put
>> these strings in enigmail.dtd or .propeties.
> 
> The problem is that this would require localization updates, which I try
> to avoid for minor upgrades.

I discussed with other ISO-2022-JP users about this problem, and we agreed,
"If we can choose ISO-2022-JP/7bit with --rfc2440 or
UTF-8/quoted-printable by Config Editor or user.js (default setting is
ISO-2022-JP/7bit with --rfc2440, of course), dialog is not needed."
How about this idea?  Without dialog, no localization is required.

- -- 
Kosuke Kaizuka <cai.0407 at gmail.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iF4EAREIAAYFAkqxsV4ACgkQa+goYNi1URKkTwD+I1VkLtZDqvX3Y2NPOhDSQtzr
YyB1bjc4W/VFZjMbngwA+gPO+Uwl9IIc1VHw2s2PEVzmbGIH1PGGVlt1CVsQNv41
=y/q2
-----END PGP SIGNATURE-----

From patrick at mozilla-enigmail.org  Thu Sep 17 00:13:09 2009
From: patrick at mozilla-enigmail.org (Patrick Brunschwig)
Date: Thu, 17 Sep 2009 09:13:09 +0200
Subject: [Enigmail] Problem of 7bit characters (epecially ISO-2022-JP)
In-Reply-To: <4AB1B15F.4050600@gmail.com>
References: <4AAE2E8C.8000600@gmail.com>	<4AAE4CCB.1000601@mozilla-enigmail.org>	<4AAE61C2.30504@bc.iij4u.or.jp>	<4AAF56B5.3040504@mozilla-enigmail.org>	<4AB077A5.1050204@bc.iij4u.or.jp>	<4AB08989.5020802@mozilla-enigmail.org>	<4AB0911D.4040904@bc.iij4u.or.jp>	<4AB098D0.1040103@mozilla-enigmail.org>	<4AB0A9C8.3030608@bc.iij4u.or.jp>	<4AB0AE26.9070008@mozilla-enigmail.org>	<4AB0B193.2070906@gmail.com>	<4AB0CD22.7070300@mozilla-enigmail.org>	<4AB0D760.6090602@gmail.com>	<4AB0F7D5.6060003@mozilla-enigmail.org>
	<4AB1B15F.4050600@gmail.com>
Message-ID: <4AB1E185.1050104@mozilla-enigmail.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Kosuke Kaizuka wrote:
> On 2009/09/16 23:36, Patrick Brunschwig wrote:
>> Kosuke Kaizuka wrote:
>>> On 2009/09/16 20:33, Patrick Brunschwig wrote:
>>>> Kosuke Kaizuka wrote:
>>>>> On 2009/09/16 18:21, Patrick Brunschwig wrote:
>>>>>> right! I think the patch was made for TB3 (which is what Kosuke
>>>>>> confirmed), and then backported to TB2. But TB2 behaves differently ...
>>>>> Oh! Sorry for no mention about that.
>>>>> I have confirmed my patch for combination of Tb3b3 and Enigmail trunk
>>>>> nightly, and simply backported to Enigmail 0.96, but haven't confirmed
>>>>> for Tb2.
>>>>> With my patch, situation of Tb2 and Enigmail goes back to that before I
>>>>> reported bug 18361...
>>>>> For Tb2, --rfc2440 gpg option makes valid signature of PGP/MIME-signed
>>>>> message with ISO-2022-JP 7bit.
>>>> So, this brings us back to the original issue: there is a bug in TB2
>>>> which prevents Enigmail from producing valid OpenPGP signatures with
>>>> ISO-2022-JP. The resolutions are to either convert the message to UTF-8
>>>> or to use --rfc2440.
>>> That's right.
>>>> The only change I made in Enigmail v0.96.0 compared to v0.95.7 is that
>>>> Enigmail doesn't ask anymore, but just converts the message to UTF-8. If
>>>> you prefer, I can re-enable the question and thus allow users to specify
>>>> a gpg-option --rfc2440. But any patch you provide is bound to fail
>>>> because TB2 would never use quoted-printable with ISO-2022-JP.
>>> Users can select below, right?
>>> 1. keep encoding ISO-2022-JP 7bit and specify a gpg option --rfc2440
>>> 2. convert encoding to UTF-8 quoted-printable
>> yes.
> 
>>> It's very good solution for TB2 users.  In my feeling, radio button type
>>> dialog seems to be better than yes/no type dialog.
>>> In 0.95.7, question message was hard-coded in
>>> enigmailMsgComposeOverlay.js and couldn't be localized.  Please put
>>> these strings in enigmail.dtd or .propeties.
>> The problem is that this would require localization updates, which I try
>> to avoid for minor upgrades.
> 
> I discussed with other ISO-2022-JP users about this problem, and we agreed,
> "If we can choose ISO-2022-JP/7bit with --rfc2440 or
> UTF-8/quoted-printable by Config Editor or user.js (default setting is
> ISO-2022-JP/7bit with --rfc2440, of course), dialog is not needed."
> How about this idea?  Without dialog, no localization is required.

Alright, that's easily doable for TB 2.

- -Patrick
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.12 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQEVAwUBSrHhg3cOpHodsOiwAQjKDQf/Wk5Egi9v4xe9f1Qsrp3UuJP9OUn8rUsF
Fx+ZufPXvJc1agL7L3czYvRtE9EY16LcJdJvDD/y/Kaw1e2/UxBtKxnP9tsUWyMU
jjiQ8q1O0h/LktVSsJEeFj9baemJez8DGeTxHJ9f30oqZzaV7seK23HJ1mG1TKDO
ErUs2ZbUIPPssMY5DCwCJDuJqoq3Fs0iETCgY3eRWqD0NPc7CQWDk249nA8ShB6C
n7T7JPisY5tfsVcJuZVYXOLl1C9WpZ2eI9Yb6gYvmAgaTJ4MmQPsZ6ZR8s9lThy8
1fOh25EFopadQiDGRvvYpt8zJQUBpnu08wa6ciTg8NtFIu9Vu9s4fw==
=ml5Q
-----END PGP SIGNATURE-----

From cai.0407 at gmail.com  Thu Sep 17 00:49:45 2009
From: cai.0407 at gmail.com (Kosuke Kaizuka)
Date: Thu, 17 Sep 2009 16:49:45 +0900
Subject: [Enigmail] Problem of 7bit characters (epecially ISO-2022-JP)
In-Reply-To: <4AB1E185.1050104@mozilla-enigmail.org>
References: <4AAE2E8C.8000600@gmail.com>	<4AAE4CCB.1000601@mozilla-enigmail.org>	<4AAE61C2.30504@bc.iij4u.or.jp>	<4AAF56B5.3040504@mozilla-enigmail.org>	<4AB077A5.1050204@bc.iij4u.or.jp>	<4AB08989.5020802@mozilla-enigmail.org>	<4AB0911D.4040904@bc.iij4u.or.jp>	<4AB098D0.1040103@mozilla-enigmail.org>	<4AB0A9C8.3030608@bc.iij4u.or.jp>	<4AB0AE26.9070008@mozilla-enigmail.org>	<4AB0B193.2070906@gmail.com>	<4AB0CD22.7070300@mozilla-enigmail.org>	<4AB0D760.6090602@gmail.com>	<4AB0F7D5.6060003@mozilla-enigmail.org>	<4AB1B15F.4050600@gmail.com>
	<4AB1E185.1050104@mozilla-enigmail.org>
Message-ID: <4AB1EA19.5010902@gmail.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

On 2009/09/17 16:13, Patrick Brunschwig wrote:
> Kosuke Kaizuka wrote:
>> On 2009/09/16 23:36, Patrick Brunschwig wrote:
>>> Kosuke Kaizuka wrote:
>>>> On 2009/09/16 20:33, Patrick Brunschwig wrote:
>>>>> Kosuke Kaizuka wrote:
>>>>>> On 2009/09/16 18:21, Patrick Brunschwig wrote:
>>>>>>> right! I think the patch was made for TB3 (which is what Kosuke
>>>>>>> confirmed), and then backported to TB2. But TB2 behaves differently ...
>>>>>> Oh! Sorry for no mention about that.
>>>>>> I have confirmed my patch for combination of Tb3b3 and Enigmail trunk
>>>>>> nightly, and simply backported to Enigmail 0.96, but haven't confirmed
>>>>>> for Tb2.
>>>>>> With my patch, situation of Tb2 and Enigmail goes back to that before I
>>>>>> reported bug 18361...
>>>>>> For Tb2, --rfc2440 gpg option makes valid signature of PGP/MIME-signed
>>>>>> message with ISO-2022-JP 7bit.
>>>>> So, this brings us back to the original issue: there is a bug in TB2
>>>>> which prevents Enigmail from producing valid OpenPGP signatures with
>>>>> ISO-2022-JP. The resolutions are to either convert the message to UTF-8
>>>>> or to use --rfc2440.
>>>> That's right.
>>>>> The only change I made in Enigmail v0.96.0 compared to v0.95.7 is that
>>>>> Enigmail doesn't ask anymore, but just converts the message to UTF-8. If
>>>>> you prefer, I can re-enable the question and thus allow users to specify
>>>>> a gpg-option --rfc2440. But any patch you provide is bound to fail
>>>>> because TB2 would never use quoted-printable with ISO-2022-JP.
>>>> Users can select below, right?
>>>> 1. keep encoding ISO-2022-JP 7bit and specify a gpg option --rfc2440
>>>> 2. convert encoding to UTF-8 quoted-printable
>>> yes.
> 
>>>> It's very good solution for TB2 users.  In my feeling, radio button type
>>>> dialog seems to be better than yes/no type dialog.
>>>> In 0.95.7, question message was hard-coded in
>>>> enigmailMsgComposeOverlay.js and couldn't be localized.  Please put
>>>> these strings in enigmail.dtd or .propeties.
>>> The problem is that this would require localization updates, which I try
>>> to avoid for minor upgrades.
> 
>> I discussed with other ISO-2022-JP users about this problem, and we agreed,
>> "If we can choose ISO-2022-JP/7bit with --rfc2440 or
>> UTF-8/quoted-printable by Config Editor or user.js (default setting is
>> ISO-2022-JP/7bit with --rfc2440, of course), dialog is not needed."
>> How about this idea?  Without dialog, no localization is required.
> 
> Alright, that's easily doable for TB 2.

Great.

In summary, with my patch and your work, Enigmail will set encoding for
PGP/MIME-signed message written in ISO-2022-JP as below, right?

TB3 - ISO-2022-JP/quoted-printable
TB2 - User can choose ISO-2022-JP/7bit with --rfc2440 or
UTF-8/quoted-printable by prefs

- -- 
Kosuke Kaizuka <cai.0407 at gmail.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iF4EAREIAAYFAkqx6hkACgkQa+goYNi1URKwvQEAi6SfIALELpmIGp+HV9ih0fXB
j/vrxVZJOQo2i0T0+l0A/Rcf/tOOfSa/CFfnwbdJmlSFR5YmKk1i/7b0QJ3qZCV8
=AcGC
-----END PGP SIGNATURE-----

From jfl at robinlea.com  Fri Sep 18 06:06:17 2009
From: jfl at robinlea.com (John Francis Lee)
Date: Fri, 18 Sep 2009 20:06:17 +0700
Subject: [Enigmail] gmail
Message-ID: <4AB385C9.8030205@robinlea.com>

Some while ago I wrote asking about gmail and enigmail. I was able to
send mail to a couple of gracious list correspondents, but I have a
problem with my key... or something.

gmail is becoming more and more pervasive.

I'd like to set up a webpage detailing the steps required to correspond
with gmailers using encryption. Clearly this is a widespread need,
getting more urgent everyday.

The only thing that's holding me back is that I don't know what I'm
talking about.

I'd appreciate it if some gmailer on the list would take the time to
help me discover just what it is I need to do and what is required of
the gmailer with whom I'm corresponding in order to make myselrf
reasonably secure from the smiling, evil, dossier-compiling Big Brother
in Palo Alto, or wherever the Googleplex is.

Thanks for your patience.

-- 
John Francis Lee
1025/37 Thanon Jet Yod
Mueang Chiangrai 57000
Thailand
-------------- next part --------------
An embedded message was scrubbed...
From: John Francis Lee <jfl at robinlea.com>
Subject: [Enigmail] gmail?
Date: Sat, 22 Aug 2009 21:16:35 +0700
Size: 3453
URL: <http://www.mozdev.org/pipermail/enigmail/attachments/20090918/a33f58a8/attachment.eml>

From jmoore3rd at bellsouth.net  Fri Sep 18 09:27:37 2009
From: jmoore3rd at bellsouth.net (John W. Moore III)
Date: Fri, 18 Sep 2009 12:27:37 -0400
Subject: [Enigmail] gmail
In-Reply-To: <4AB385C9.8030205@robinlea.com>
References: <4AB385C9.8030205@robinlea.com>
Message-ID: <4AB3B4F9.7020408@bellsouth.net>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

John Francis Lee wrote:

> I'd appreciate it if some gmailer on the list would take the time to
> help me discover just what it is I need to do and what is required of
> the gmailer with whom I'm corresponding in order to make myselrf
> reasonably secure from the smiling, evil, dossier-compiling Big Brother
> in Palo Alto, or wherever the Googleplex is.

Googleplex is pervasively _everywhere_ but the solution is rather
simple, IMHO.

Since Enigmail requires using either Thunderbird or SeaMonkey simply
configure an Account in either MUA following the handy instructions
provided by Google.  Once configured both Correspondents may cheerfully
communicate in privacy of content.

Traffic Analysis will pinpoint transmission/reception locations and that
encryption is being employed but this is actually helpful; unless either
Yourself or a Correspondent is already on a 'Watch List'.  :-D

The real 'trick' is composing messages within Your Own MUA so that the
danger of automatic Draft saving is eliminated. [this 'danger' exists
with any Webmail site based composition screen]

HTH

JOHN ;)
Timestamp: Friday 18 Sep 2009, 12:25  --400 (Eastern Daylight Time)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (MingW32)
Comment: Public Key at:  http://tinyurl.com/8cpho
Comment: Gossamer Spider Web of Trust: http://www.gswot.org
Comment: Personal Web Page:  http://tinyurl.com/yzhbhx

iQEcBAEBCgAGBQJKs7T3AAoJEBCGy9eAtCsPqwwIAKR7hUZkd+sgMusnujSzJ9DD
0lSPiEXTFMQExuf/PrnVnybimvJV11M2PoOKlZ8Ksbn1ke501TM05Fekyr4EpOfp
1YDXoWPWpAPBzPUmJHhDtFZXgeow/z8AiA+AJpn9NYpW8a1Z0goVcgAwO/7ZhliO
yfAuVq89dh4PbTDGkXUH05p14Z2zi1ebiO+D0BV9ClNrNVj63aTNtjGLcJTNO9Mu
jcxt06m/ps5WgJW/zPzNCLPhXMP5itbctortetrYtJdqAG0iC+YK8AtAyBOZeQWN
N4va4acUOpcpW0p80qDxnbR9YGCumoExSUhU6G3v0x0frM2blyC0XDP2IWbhIgc=
=m28u
-----END PGP SIGNATURE-----

From maximilien at theglu.org  Fri Sep 18 12:03:56 2009
From: maximilien at theglu.org (Maximilien Cuony [The_Glu])
Date: Fri, 18 Sep 2009 21:03:56 +0200
Subject: [Enigmail] gmail
Message-ID: <200909182103.56419.maximilien@theglu.org>

Hello,

There is FireGPG too witch is a firefox's extention, but not working yet with 
gmail (they changed they html and it's broke FireGPG) ;)

Regards,
-- 
Maximilien Cuony [The_Glu]
http://theglu.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part.
URL: <http://www.mozdev.org/pipermail/enigmail/attachments/20090918/227e5810/attachment.bin>

From jfl at robinlea.com  Fri Sep 18 12:25:14 2009
From: jfl at robinlea.com (John Francis Lee)
Date: Sat, 19 Sep 2009 02:25:14 +0700
Subject: [Enigmail] gmail
In-Reply-To: <4AB3B4F9.7020408@bellsouth.net>
References: <4AB385C9.8030205@robinlea.com> <4AB3B4F9.7020408@bellsouth.net>
Message-ID: <4AB3DE9A.4050004@robinlea.com>

John W. Moore III wrote:
> John Francis Lee wrote:
> 
>> I'd appreciate it if some gmailer on the list would take the time to
>> help me discover just what it is I need to do and what is required of
>> the gmailer with whom I'm corresponding in order to make myselrf
>> reasonably secure from the smiling, evil, dossier-compiling Big Brother
>> in Palo Alto, or wherever the Googleplex is.
> 
> Googleplex is pervasively _everywhere_ but the solution is rather
> simple, IMHO.
> 
> Since Enigmail requires using either Thunderbird or SeaMonkey simply
> configure an Account in either MUA following the handy instructions
> provided by Google.  Once configured both Correspondents may cheerfully
> communicate in privacy of content.
> 
> Traffic Analysis will pinpoint transmission/reception locations and that
> encryption is being employed but this is actually helpful; unless either
> Yourself or a Correspondent is already on a 'Watch List'.  :-D
> 
> The real 'trick' is composing messages within Your Own MUA so that the
> danger of automatic Draft saving is eliminated. [this 'danger' exists
> with any Webmail site based composition screen]
> 
> HTH
> 
> JOHN ;)
> Timestamp: Friday 18 Sep 2009, 12:25  --400 (Eastern Daylight Time)

I have to ask everyone of my respective gmailing corespondents to use
Enigmail? And I have to have a google account myself to correspond with
someone using gmail?

Whose traffic analysis and whose watch list?

Where will these drafts automatically be saved? Aren't we now using
thunderbird or seamonkey as MUA?

I guess my "thinking" is pretty fuzzy.

If I want to encrypt my mail I will have to use the recipient's key to
do so. If I use my private key then anyone can decrypt my message using
my public key. So the first requirement for communicating over gmail
without communicating wily-nily with google as well is to convince the
person with whom I'm trying to communicate that they must install
thunderbird and enigmail, and then be careful not to have our drafts
automatically saved by... thunderbird?

Thanks for your help.

_______________________________________________
Enigmail mailing list
Enigmail at mozdev.org
https://www.mozdev.org/mailman/listinfo/enigmail

-- 
John Francis Lee
1025/37 Thanon Jet Yod
Mueang Chiangrai 57000
Thailand

From jmoore3rd at bellsouth.net  Fri Sep 18 12:48:58 2009
From: jmoore3rd at bellsouth.net (John W. Moore III)
Date: Fri, 18 Sep 2009 15:48:58 -0400
Subject: [Enigmail] gmail
In-Reply-To: <4AB3DE9A.4050004@robinlea.com>
References: <4AB385C9.8030205@robinlea.com> <4AB3B4F9.7020408@bellsouth.net>
	<4AB3DE9A.4050004@robinlea.com>
Message-ID: <4AB3E42A.6090004@bellsouth.net>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

John Francis Lee wrote:

> I have to ask everyone of my respective gmailing corespondents to use
> Enigmail? And I have to have a google account myself to correspond with
> someone using gmail?

With admitted bias I can say that it would be nice if You could
'encourage' all of Your correspondents to utilize Enigmail. :-D  That
said, it isn't a requirement; they may use whatever PGP/GPG Encryption
tool they prefer.  They _will_ need to use PGP or GPG /if/ this is Your
preferred method of encryption.  There are Tray Tool frontends available
such as GPGshell [http://www.jumaros.de/rsoft/index.html] & WinPT.
Since this is the Enigmail Mailing List and You inquired here I supplied
the 'Enigmail Solution'.  D'oh!

> Whose traffic analysis and whose watch list?

Any TLA of Your choosing.

> Where will these drafts automatically be saved? Aren't we now using
> thunderbird or seamonkey as MUA?

If messages are composed within the Webmail Compose Screen they are
saved on the Webmail Host Server.  This is touted as a 'convenience
feature' for the User.  :-\

> If I want to encrypt my mail I will have to use the recipient's key to
> do so.

Yep; their Public Key.

> If I use my private key then anyone can decrypt my message using
> my public key. So the first requirement for communicating over gmail
> without communicating wily-nily with google as well is to convince the
> person with whom I'm trying to communicate that they must install
> thunderbird and enigmail, and then be careful not to have our drafts
> automatically saved by... thunderbird?

<SIGH>  When You encrypt *no-one* can decrypt the message /unless/ they
have the passphrase necessary to unlock whatever Public Key(s) You
encrypted it to.

'They' don't necessarily have to use T-Bird/SeaMonkey w/Enigmail; as
mentioned above they can use PGP or GPG with any frontend of their
choosing.  They _must_ use some OpenPGP software in order for
encryption/decryption to happen; unless You choose to use S/MIME with
x.509 Certificates.  Again, this is the Enigmail List so I am assuming
that GPG is chosen by all and is what will be used.  Enigmail contains
*no* Encryption software but is only a frontend for GnuPG.

The Firefox Extension FireGPG does exist but I not only have mixed
feelings about it's use I have recently heard that due to a change in
Gmail's HTML presentation it is broken at present.  [Side Note:  HTML &
Inline Encryption do *not* 'play nice' together]

Please feel free to contact Me direct/off-list if You wish to continue
discussing non-Enigmail solutions.

JOHN 8-)
Timestamp: Friday 18 Sep 2009, 15:48  --400 (Eastern Daylight Time)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (MingW32)
Comment: Public Key at:  http://tinyurl.com/8cpho
Comment: Gossamer Spider Web of Trust: http://www.gswot.org
Comment: Personal Web Page:  http://tinyurl.com/yzhbhx

iQEcBAEBCgAGBQJKs+QpAAoJEBCGy9eAtCsPuVYH/R5sVxR5SKFrOwGRN8PcgrKy
pYCgeUPSWWqz6lnNTzM3PQOhu60KMPs6SmkDSpy8PmPuWDzyLcKvGeh6Z39ibcR/
DKPWLnxGcRZgYjb7hfBu6rwafi7JkPZkDi1LcPtAvLc6eYLV0dWBCr7A7SZJMrJd
O3jTgE1aGDcw2MSUErty/XivhXxGvKeAc+UKti3VfCLT37w4o1Q/8IqhZj3wKQU8
jwfX0teSZqIT0QUfkWmjTfJqXkgneW2FnGzlhoijSSEhM/VQ4hPY39ccMbPkXb3i
HEAnxw+McmJ6XDlnBqD4zRUobOIVIH/ZuQlmtcUAB8RR5E93cNkMQ5yWnlAV0rs=
=HgqM
-----END PGP SIGNATURE-----

From mueller.marcel at gmx.li  Sun Sep 20 04:00:55 2009
From: mueller.marcel at gmx.li (Marcel Mueller)
Date: Sun, 20 Sep 2009 13:00:55 +0200
Subject: [Enigmail] enigmail on thunderbird penelope 3.0b?
Message-ID: <4AB60B67.30801@gmx.li>

hi.

i'm using the penelope / eudora release and would like to use enigmail 
(which should be supported, as far as i could gather from the enigmail 
page). unfortunately i simply get incompatibility messages when i try to 
install the plugin (tried various versions).

so if someone could point me the right direction, that'd be great.

thanks in advance,

  marcel

From John at Mozilla-Enigmail.org  Sun Sep 20 06:09:26 2009
From: John at Mozilla-Enigmail.org (John Clizbe)
Date: Sun, 20 Sep 2009 08:09:26 -0500
Subject: [Enigmail] enigmail on thunderbird penelope 3.0b?
In-Reply-To: <4AB60B67.30801@gmx.li>
References: <4AB60B67.30801@gmx.li>
Message-ID: <4AB62986.8040402@Mozilla-Enigmail.org>

Marcel Mueller wrote:
> hi.
> 
> I'm using the Penelope / Eudora release and would like to use Enigmail 
> (which should be supported, as far as i could gather from the Enigmail 
> page). unfortunately i simply get incompatibility messages when i try to 
> install the plug-in (tried various versions).
> 
> so if someone could point me the right direction, that'd be great.
> 
None of the release builds track the 3.0beta branch branch of Thunderbird code.
(they will as soon as 3.0 is officially released)

The nightly Enigmail builds track the 3.0 branch. This is development work and
as such is a moving target. http://enigmail.mozdev.org/download/nightly.php

Please let us know if this works for you.

-- 
John P. Clizbe                      Inet:John (a) Mozilla-Enigmail.org
You can't spell fiasco without SCO. hkp://keyserver.gingerbear.net  or
     mailto:pgp-public-keys at gingerbear.net?subject=HELP

Q:"Just how do the residents of Haiku, Hawai'i hold conversations?"
A:"An odd melody / island voices on the winds / surplus of vowels"

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 679 bytes
Desc: OpenPGP digital signature
URL: <http://www.mozdev.org/pipermail/enigmail/attachments/20090920/c04754be/attachment.bin>

From nviolet at gmx.net  Mon Sep 21 00:42:54 2009
From: nviolet at gmx.net (Norman Violet)
Date: Mon, 21 Sep 2009 09:42:54 +0200
Subject: [Enigmail] enigmail on thunderbird penelope 3.0b?
In-Reply-To: <mailman.88.1253452183.85486.enigmail@mozdev.org>
References: <4AB60B67.30801@gmx.li>
	<mailman.88.1253452183.85486.enigmail@mozdev.org>
Message-ID: <h97ana$2u5p$1@mozdev.mozdev.org>

On 20.09.2009 15:09, John Clizbe wrote:
> Marcel Mueller wrote:
>> hi.
>>
>> I'm using the Penelope / Eudora release and would like to use Enigmail 
>> (which should be supported, as far as i could gather from the Enigmail 
>> page). unfortunately i simply get incompatibility messages when i try to 
>> install the plug-in (tried various versions).
>>
>> so if someone could point me the right direction, that'd be great.
>>
> None of the release builds track the 3.0beta branch branch of Thunderbird code.
> (they will as soon as 3.0 is officially released)
> 
> The nightly Enigmail builds track the 3.0 branch. This is development work and
> as such is a moving target. http://enigmail.mozdev.org/download/nightly.php
> 
> Please let us know if this works for you.
> 

It does, I am using Eudora 8 too and sometimes I had to try several of
the Enigmail nightly builds but in the end it does work properly.

On this computer I currently use:

Enigmail 0.96a (200904015-0637) with
Eudora: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1b3pre)
Gecko/20090408 Eudora/3.0b2 (Penelope 0.5a3)

On a different computer I use the current release of Eudora and a
Enigmail 0.97 version, but can't say which one exactly. But since the
recent version of Thunderbird has some flaws in it, I prefer the
combination I posted above.

Cheers,
Norman


From patrick at mozilla-enigmail.org  Mon Sep 21 01:21:12 2009
From: patrick at mozilla-enigmail.org (Patrick Brunschwig)
Date: Mon, 21 Sep 2009 10:21:12 +0200
Subject: [Enigmail] enigmail on thunderbird penelope 3.0b?
In-Reply-To: <h97ana$2u5p$1@mozdev.mozdev.org>
References: <4AB60B67.30801@gmx.li>	<mailman.88.1253452183.85486.enigmail@mozdev.org>
	<h97ana$2u5p$1@mozdev.mozdev.org>
Message-ID: <4AB73778.8000500@mozilla-enigmail.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Norman Violet wrote:
> On 20.09.2009 15:09, John Clizbe wrote:
>> Marcel Mueller wrote:
>>> hi.
>>>
>>> I'm using the Penelope / Eudora release and would like to use Enigmail 
>>> (which should be supported, as far as i could gather from the Enigmail 
>>> page). unfortunately i simply get incompatibility messages when i try to 
>>> install the plug-in (tried various versions).
>>>
>>> so if someone could point me the right direction, that'd be great.
>>>
>> None of the release builds track the 3.0beta branch branch of Thunderbird code.
>> (they will as soon as 3.0 is officially released)
>>
>> The nightly Enigmail builds track the 3.0 branch. This is development work and
>> as such is a moving target. http://enigmail.mozdev.org/download/nightly.php
>>
>> Please let us know if this works for you.
>>
> 
> It does, I am using Eudora 8 too and sometimes I had to try several of
> the Enigmail nightly builds but in the end it does work properly.
> 
> On this computer I currently use:
> 
> Enigmail 0.96a (200904015-0637) with
> Eudora: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1b3pre)
> Gecko/20090408 Eudora/3.0b2 (Penelope 0.5a3)

You can be quite sure that current Enigmail nightly builds won't work
with any Thunderbird version (or derivative, like Eudora) from April.
Enigmail and Thunderbird need to be built around the same time,
otherwise the API's won't work.

If you need a specific version of Enigmail, then let me know. I have an
(unpublished) archive of all nightly builds.

- -Patrick
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.12 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQEVAwUBSrc3d3cOpHodsOiwAQjVsAgAoEh5phToyOvB5Inde602sAuBBWU9E57N
DxIuZLRpTTfaEe7itrr0M+NfdkiwWUq/ujLKEboruVjtKN+1UUNn9W5RFxxYD3En
M2hTwdP4uRHoL2qRkPpRB57I6nRkYNQqVyqCBGuxJIBEMsKLU/LZZ/AEru7mFTqk
zDAydPrJ8RVqMgPEgepUBaQIO6RsI16qrT+9WJ+KIeWMuC9rQOMR7GHAwYKPgOw+
v3L4dWJSLlbDDZ8LVvWn1I6ywgtHABZ91wqmw1k/CnMvooqK26ajahFbmzE+0QPl
xKao/nP+puUlFuOD34RB7w4XW0YgAU2I1BGFRN96NbgCA4MhKt+rcw==
=bF+Y
-----END PGP SIGNATURE-----

From dkg at fifthhorseman.net  Tue Sep 22 09:15:08 2009
From: dkg at fifthhorseman.net (Daniel Kahn Gillmor)
Date: Tue, 22 Sep 2009 12:15:08 -0400
Subject: [Enigmail] key selection when multiple keys have full validity
Message-ID: <4AB8F80C.4000901@fifthhorseman.net>

I have a contact who has two OpenPGP keys which i have independently
verified (he is going through a transition from 1024-bit DSA primary key
to 4096-bit RSA primary key, and he wants to keep around the old key for
a while).  Enigmail seems to choose the "wrong key" (the old key) by
default.  Is this intentional?

both of these keys have full validity, which gpg outputs like this
(anonymized for public consumption):

0 dkg at pip:~ $ gpg --list-key foo at example.com
pub   1024D/DEADBEEF 2000-02-03
uid       [  full  ] Xavier Ample <foo at example.com>
sub   1024g/01010101 2000-02-03

pub   4096R/DECAFBAD 2009-06-20 [expires: 2010-06-20]
uid       [  full  ] Xavier Ample <foo at example.com>
sub   4096R/02020202 2009-06-20 [expires: 2010-06-20]

0 dkg at pip:~ $

I have no per-recipient rules set up for this user, and i have enigmail
configured to only encrypt to keys with full validity for the intended
recipient.

when i send mail to this contact, enigmail seems to always choose the
old key.  Why is this?

It looks to me like enigmail's algorithm for choosing a key in this case
by enigmail is either:

 a) pick the first key gpg outputs with full calculated validity on a
matching User ID, or

 b) pick the earliest-created key with full calculated validity on a
matching User ID, or

 c) enigmail simply passes the user ID to gpg and lets gpg choose a
matching key (gpg seems to choose the old key as well -- maybe this
should be fixed in gpg itself if this is the case?).

But i don't think these are the best heuristics.  Here are a few
possible reasonable heuristics:

 0) choose the most recently-generated key with full calculated validity
 on a matching User ID

 1) choose the strongest supported encryption-capable key (e.g. chosen
by bitlength) with full calculated validity on a matching User ID

 2) encrypt to all keys matching a given user ID

any thoughts about the right approach here?

	--dkg

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 891 bytes
Desc: OpenPGP digital signature
URL: <http://www.mozdev.org/pipermail/enigmail/attachments/20090922/56626a51/attachment.bin>

From dkg at fifthhorseman.net  Tue Sep 22 09:51:25 2009
From: dkg at fifthhorseman.net (Daniel Kahn Gillmor)
Date: Tue, 22 Sep 2009 12:51:25 -0400
Subject: [Enigmail] key selection when multiple keys have full validity
In-Reply-To: <4AB8F80C.4000901@fifthhorseman.net>
References: <4AB8F80C.4000901@fifthhorseman.net>
Message-ID: <4AB9008D.9010907@fifthhorseman.net>

On 09/22/2009 12:15 PM, Daniel Kahn Gillmor wrote:
>  c) enigmail simply passes the user ID to gpg and lets gpg choose a
> matching key (gpg seems to choose the old key as well -- maybe this
> should be fixed in gpg itself if this is the case?).

After a bit more experimentation, this seems to be what is happening.

and gpg chooses the key based on some ordering stored in its internal
keyring.

I managed to change the internal ordering like this:

 gpg --export --export-options export-local 0xDEADBEEF > example
 gpg --delete-key 0xDEADBEEF
 gpg --import --import-options import-local < example

so now the ordering comes out reversed:

0 dkg at pip:~ $ gpg --list-key foo at example.com
pub   4096R/DECAFBAD 2009-06-20 [expires: 2010-06-20]
uid       [  full  ] Xavier Ample <foo at example.com>
sub   4096R/02020202 2009-06-20 [expires: 2010-06-20]

pub   1024D/DEADBEEF 2000-02-03
uid       [  full  ] Xavier Ample <foo at example.com>
sub   1024g/01010101 2000-02-03

0 dkg at pip:~ $

and enigmail now sends to DECAFBAD by default instead of DEADBEEF.  This
suggests that i should take this question to gnupg-users instead.  Sorry
for the noise here.

	--dkg

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 891 bytes
Desc: OpenPGP digital signature
URL: <http://www.mozdev.org/pipermail/enigmail/attachments/20090922/c71f4896/attachment.bin>

From olav at seyfarth.de  Tue Sep 22 09:49:39 2009
From: olav at seyfarth.de (Olav Seyfarth)
Date: Tue, 22 Sep 2009 18:49:39 +0200
Subject: [Enigmail] key selection when multiple keys have full validity
In-Reply-To: <4AB8F80C.4000901@fifthhorseman.net>
References: <4AB8F80C.4000901@fifthhorseman.net>
Message-ID: <4AB90023.3010805@seyfarth.de>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Hi Daniel,


if you set up a per receipient rule, then Enigmail will always
use the key specified there. Make sure you don't have ambivalent
rules. To further investigate

- - create a debug directory and enable Enigmail debugging
- - restart Thunderbird
- - just send a test mail to the receipient
  that Engimail always chooses the wrong key for
- - shut down Thunderbird
- - copy your pgprules.xml and prefs.js to the debug dir
- - send me that zipped debug dir

Olav
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.12 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEAREIAAYFAkq5ACAACgkQL/NBt8fdKe3EbQCfe/wB5Mz7+2wbag+GrvYaK9rO
HoUAn3Frrfqaq9jAdWoM5RMOe4PSw3gD
=Vlgi
-----END PGP SIGNATURE-----

From olav at mozilla-enigmail.org  Tue Sep 22 10:02:35 2009
From: olav at mozilla-enigmail.org (Olav Seyfarth)
Date: Tue, 22 Sep 2009 19:02:35 +0200
Subject: [Enigmail] key selection when multiple keys have full validity
In-Reply-To: <4AB9008D.9010907@fifthhorseman.net>
References: <4AB8F80C.4000901@fifthhorseman.net>
	<4AB9008D.9010907@fifthhorseman.net>
Message-ID: <4AB9032B.9070403@mozilla-enigmail.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Hi Daniel

> and enigmail now sends to DECAFBAD by default instead of DEADBEEF.

use per receipient rules to be independent of internal orderings.
If Enigmail doesn't obey correctly set up rules, then this is an
Enigmail bug.

> [export --- import]
> This suggests that i should take this question to gnupg-users instead.

Yes, since GnuPG should prefer newer keys aswell.

> Sorry for the noise here.

No noise at all. Interesting and educational for all.

Olav
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.12 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEAREIAAYFAkq5AyoACgkQL/NBt8fdKe2f6gCgwOTKQLIWeHW4gOxLwTWTcpWJ
qKcAoIo1u7NXvHsECxgKE0mn/6KypWN5
=qIBb
-----END PGP SIGNATURE-----

From dkg at fifthhorseman.net  Tue Sep 22 10:16:13 2009
From: dkg at fifthhorseman.net (Daniel Kahn Gillmor)
Date: Tue, 22 Sep 2009 13:16:13 -0400
Subject: [Enigmail] key selection when multiple keys have full validity
In-Reply-To: <4AB9032B.9070403@mozilla-enigmail.org>
References: <4AB8F80C.4000901@fifthhorseman.net>	<4AB9008D.9010907@fifthhorseman.net>
	<4AB9032B.9070403@mozilla-enigmail.org>
Message-ID: <4AB9065D.3010202@fifthhorseman.net>

On 09/22/2009 01:02 PM, Olav Seyfarth wrote:
> use per receipient rules to be independent of internal orderings.
> If Enigmail doesn't obey correctly set up rules, then this is an
> Enigmail bug.

Yup, understood, thanks.  I know how to make a per-recipient rule, but I
was concerned with having enigmail do the Right Thing by default (since
most users are probably not going to want to think that much about how
to respond to another user's key transition).

i've just posted about this to gnupg-users [0], if folks are interested
in chiming in there.

	--dkg

[0] Message-ID: <4AB90539.7020809 at fifthhorseman.net>

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 891 bytes
Desc: OpenPGP digital signature
URL: <http://www.mozdev.org/pipermail/enigmail/attachments/20090922/e44a0e4c/attachment.bin>

From John at Mozilla-Enigmail.org  Tue Sep 22 18:05:45 2009
From: John at Mozilla-Enigmail.org (John Clizbe)
Date: Tue, 22 Sep 2009 20:05:45 -0500
Subject: [Enigmail] key selection when multiple keys have full validity
In-Reply-To: <4AB9065D.3010202@fifthhorseman.net>
References: <4AB8F80C.4000901@fifthhorseman.net>	<4AB9008D.9010907@fifthhorseman.net>	<4AB9032B.9070403@mozilla-enigmail.org>
	<4AB9065D.3010202@fifthhorseman.net>
Message-ID: <4AB97469.2040906@Mozilla-Enigmail.org>

Daniel Kahn Gillmor wrote:
> On 09/22/2009 01:02 PM, Olav Seyfarth wrote:
>> use per receipient rules to be independent of internal orderings.
>> If Enigmail doesn't obey correctly set up rules, then this is an
>> Enigmail bug.
> 
> Yup, understood, thanks.  I know how to make a per-recipient rule, but I
> was concerned with having Enigmail do the Right Thing by default (since
> most users are probably not going to want to think that much about how
> to respond to another user's key transition).

This same behavior happens when selecting a signing key based on the sender's
email address. That where most of us learned of GnuPG's key selection behavior
and why I tell users that it's best to explicitly specify signing keys by
(sub)key ID.


-- 
John P. Clizbe                      Inet:John (a) Mozilla-Enigmail.org
You can't spell fiasco without SCO. hkp://keyserver.gingerbear.net  or
     mailto:pgp-public-keys at gingerbear.net?subject=HELP

Q:"Just how do the residents of Haiku, Hawai'i hold conversations?"
A:"An odd melody / island voices on the winds / surplus of vowels"

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 679 bytes
Desc: OpenPGP digital signature
URL: <http://www.mozdev.org/pipermail/enigmail/attachments/20090922/f3bdbd6c/attachment.bin>

From patrick at mozilla-enigmail.org  Wed Sep 23 08:01:08 2009
From: patrick at mozilla-enigmail.org (Patrick Brunschwig)
Date: Wed, 23 Sep 2009 17:01:08 +0200
Subject: [Enigmail] Enigmail for SeaMonkey 2.0?
In-Reply-To: <4A828095.8050401@thalesgroup.com>
References: <4A828095.8050401@thalesgroup.com>
Message-ID: <4ABA3834.3070904@mozilla-enigmail.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Andreas Fenner wrote:
> Hi,
> 
> does anybody know if a build is in the pipeline for SeaMonkey 2.*?
> 
> I offer myself as a tester *g*

The latest nightly build of SeaMonkey contains now all the APIs required
for Enigmail. I.e. Enigmail works again on SeaMonkey.

- -Patrick


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.12 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQEVAwUBSro4M3cOpHodsOiwAQg8Dgf/SRCwqPhMX+zU2VPx0PTPi9BzSaykLrxg
IGHjufMC9wBf3FFsX4cmig2BtCF0d/L6uNKvfJCwic3HN717tvnwqj6tH02RdrJW
DsEZGaxLxW2ginMatnyRi7ey5Ma8tURyGopL/0T22VZK4BvfQR3DRIBdCpUZLUhm
G5SODDd5quwT7GNVTo2cdOPTKlYnX+HwtYbYQOflJ4OQP3tvID3Mmb0wRklRK3ek
IykF8wZbEjvx+EOEWX/mmHHaXKrsfL4qgDmPDOTZvbWTRiJKn02arq0d3GaPsUH+
N7DcBrZG0Jc5xGoUYByNIgKlnQ448ioUKsnwqezn6c5B7fvE3couBQ==
=CHvv
-----END PGP SIGNATURE-----

From John at Mozilla-Enigmail.org  Wed Sep 23 08:56:05 2009
From: John at Mozilla-Enigmail.org (John Clizbe)
Date: Wed, 23 Sep 2009 10:56:05 -0500
Subject: [Enigmail] Enigmail for SeaMonkey 2.0?
In-Reply-To: <4ABA3834.3070904@mozilla-enigmail.org>
References: <4A828095.8050401@thalesgroup.com>
	<4ABA3834.3070904@mozilla-enigmail.org>
Message-ID: <4ABA4515.6080704@Mozilla-Enigmail.org>

Patrick Brunschwig wrote:
> The latest nightly build of SeaMonkey contains now all the APIs required
> for Enigmail. I.e. Enigmail works again on SeaMonkey.

Thank you, Patrick.
-- 
John P. Clizbe                      Inet:John (a) Mozilla-Enigmail.org
You can't spell fiasco without SCO. hkp://keyserver.gingerbear.net  or
     mailto:pgp-public-keys at gingerbear.net?subject=HELP

Q:"Just how do the residents of Haiku, Hawai'i hold conversations?"
A:"An odd melody / island voices on the winds / surplus of vowels"

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 679 bytes
Desc: OpenPGP digital signature
URL: <http://www.mozdev.org/pipermail/enigmail/attachments/20090923/2a1b9eb8/attachment.bin>

From shavital at mac.com  Wed Sep 23 09:32:04 2009
From: shavital at mac.com (Charly Avital)
Date: Wed, 23 Sep 2009 12:32:04 -0400
Subject: [Enigmail] TB3+Enigmail
Message-ID: <4ABA4D84.5040402@mac.com>

Running: MacOS X 10.6.1 - gpg (GnuPG/MacGPG2) 2.0.12 with gpg-agent

Testing:
Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; en-US; rv:1.9.1.4pre)
Gecko/20090915 Thunderbird/3.0b4
with
Enigmail version 0.97a (20090923-0807)

Works fine, thank you for your work.
Charly




From mlisten at hammernoch.net  Wed Sep 23 11:16:40 2009
From: mlisten at hammernoch.net (=?ISO-8859-1?Q?Ludwig_H=FCgelsch=E4fer?=)
Date: Wed, 23 Sep 2009 20:16:40 +0200
Subject: [Enigmail] TB3+Enigmail
In-Reply-To: <4ABA4D84.5040402@mac.com>
References: <4ABA4D84.5040402@mac.com>
Message-ID: <4ABA6608.5020505@hammernoch.net>

Hi Charly,

Charly Avital wrote on 23.09.09 18:32:
> Running: MacOS X 10.6.1 - gpg (GnuPG/MacGPG2) 2.0.12 with gpg-agent
> 
> Testing:
> Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; en-US; rv:1.9.1.4pre)
> Gecko/20090915 Thunderbird/3.0b4
> with
> Enigmail version 0.97a (20090923-0807)
> 
> Works fine, thank you for your work.
> Charly

Thank you for testing! Good to know it works fine on 10.6!

Ludwig

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 551 bytes
Desc: OpenPGP digital signature
URL: <http://www.mozdev.org/pipermail/enigmail/attachments/20090923/baf86d8c/attachment.bin>

From Andreas.Fenner at thalesgroup.com  Thu Sep 24 03:57:01 2009
From: Andreas.Fenner at thalesgroup.com (Andreas Fenner)
Date: Thu, 24 Sep 2009 12:57:01 +0200
Subject: [Enigmail] Enigmail for SeaMonkey 2.0?
In-Reply-To: <4ABA3834.3070904@mozilla-enigmail.org>
References: <4A828095.8050401@thalesgroup.com>
	<4ABA3834.3070904@mozilla-enigmail.org>
Message-ID: <4ABB507D.6010803@thalesgroup.com>

Thanks Patrick!!

Am 23.9.2009 17:01 schrieb Patrick Brunschwig:

> The latest nightly build of SeaMonkey contains now all the APIs required
> for Enigmail. I.e. Enigmail works again on SeaMonkey.
> 
> -Patrick

I will test it in a few days.


Andreas
-- 
---------------------------------------+-------------------------------
Thales Rail Signalling Solutions GmbH  |
Dept. TS/ESP-2                         |
Lorenzstrasse 10                       |  phone: +49 711 869-49823
D-70435 Stuttgart                      |  fax:   +49 711 869-46598
---------------------------------------+-------------------------------
Sitz der Gesellschaft/Domicile of the Company: Stuttgart
Amtsgericht/District Court: Stuttgart HRB 720908
Gesch?ftsf?hrer/Managing Directors:
Hans Leibbrand (Vorsitzender/Chairman), Manfred Riedinger
-----------------------------------------------------------------------

From fwpgibbs at comcast.net  Thu Sep 24 13:55:11 2009
From: fwpgibbs at comcast.net (Fred Gibbs)
Date: Thu, 24 Sep 2009 16:55:11 -0400
Subject: [Enigmail] OpenPGP error - sent per your request
Message-ID: <4ABBDCAF.6070607@comcast.net>

Hello,

This error occured on both Thunderbird and SeaMonkey; new installations
on SuSE 11.1  x86..............I tried first with Thunderbird, it
failed, so I deleted the app and installed SeaMonkey and was met with
the same error.

Both attempts accepted the default settings. Can you offer any help?

Thanks,

Fred Gibbs
The error is attached as a .png file............................
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGPerror-seamonkey and Thunderbird
Type: image/png
Size: 145999 bytes
Desc: not available
URL: <http://www.mozdev.org/pipermail/enigmail/attachments/20090924/1ba8c590/attachment-0001.png>

From patrick at mozilla-enigmail.org  Fri Sep 25 11:02:22 2009
From: patrick at mozilla-enigmail.org (Patrick Brunschwig)
Date: Fri, 25 Sep 2009 20:02:22 +0200
Subject: [Enigmail] OpenPGP error - sent per your request
In-Reply-To: <4ABBDCAF.6070607@comcast.net>
References: <4ABBDCAF.6070607@comcast.net>
Message-ID: <4ABD05AE.1040201@mozilla-enigmail.org>

Fred Gibbs wrote:
> Hello,
> 
> This error occured on both Thunderbird and SeaMonkey; new installations
> on SuSE 11.1  x86..............I tried first with Thunderbird, it
> failed, so I deleted the app and installed SeaMonkey and was met with
> the same error.
> 
> Both attempts accepted the default settings. Can you offer any help?

GnuPG says what's wrong: no pinentry program found when using gpg-agent.

This link gives a short description of why gpg-agent is needed for
Enigmail and what needs to be done.

-Patrick


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 552 bytes
Desc: OpenPGP digital signature
URL: <http://www.mozdev.org/pipermail/enigmail/attachments/20090925/82d3aa85/attachment.bin>

From 2600denver at gmail.com  Sun Sep 27 12:51:02 2009
From: 2600denver at gmail.com (Ringo)
Date: Sun, 27 Sep 2009 15:51:02 -0400
Subject: [Enigmail] Some weird problems with Enigmail
Message-ID: <4ABFC226.8050902@gmail.com>

Hey Folks,

So I broke my enigmail install. I had been using Thunderbird+Enigmail on
Ubuntu Jaunty for some time now but I messed it up. I was reading that
GNUPG2 was better for desktop users so I installed it and it worked but
I didn't like the gpg-agent program (unable to copy and paste into it).
Once I removed it, enigmail no longer worked. I looked around and
somebody suggested I install pinetry-qt which I did but it had the same
issues as the gnupg2 agent.

I've backed up my keys for good measure.

Here's the error I get w/ enigmail:

/usr/bin/gpg --charset utf8  --batch --no-tty --status-fd 2 -d --use-agent
gpg: problem with the agent - disabling agent use
gpg: can't query passphrase in batch mode
gpg: Invalid passphrase; please try again ...
gpg: can't query passphrase in batch mode
gpg: Invalid passphrase; please try again ...
gpg: can't query passphrase in batch mode
gpg: encrypted with 4096-bit ELG-E key, ID 53D5FED2, created 2009-04-12
      "ringo <ringo at hackbloc.org>"
gpg: public key decryption failed: bad passphrase
gpg: decryption failed: secret key not available

In my enigmail settings I have explicitly told it NOT to use the gpg
agent but that doesn't seem to translate over. It never actually asks me
for a passphrase. It looks to me like gnupg2 over-wrote my gpg.conf. Is
there a way to force enigmail to re-write the conf file that doesn't
involve re-installing it and re-configuring everything? I believe there
is because I made this gnupg2 mistake before and remember that there was
a good solution.

Thanks for any help people can offer,

Ringo

From faramir.cl at gmail.com  Sun Sep 27 13:47:31 2009
From: faramir.cl at gmail.com (Faramir)
Date: Sun, 27 Sep 2009 16:47:31 -0400
Subject: [Enigmail] Some weird problems with Enigmail
In-Reply-To: <4ABFC226.8050902@gmail.com>
References: <4ABFC226.8050902@gmail.com>
Message-ID: <4ABFCF63.8070601@gmail.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Ringo escribi?:
> Hey Folks,
> 
> So I broke my enigmail install. I had been using Thunderbird+Enigmail on
> Ubuntu Jaunty for some time now but I messed it up. I was reading that
> GNUPG2 was better for desktop users so I installed it and it worked but
> I didn't like the gpg-agent program (unable to copy and paste into it).
> Once I removed it, enigmail no longer worked. I looked around and
> somebody suggested I install pinetry-qt which I did but it had the same
> issues as the gnupg2 agent.

  As far as I know, GnuPG2 requires the usage of gpg-agent. So if you
remove gpg-agent, GnuPG2 won't work, and Enigmail requires a working
GnuPG in order to function.

  Best Regards
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQEcBAEBCAAGBQJKv89jAAoJEMV4f6PvczxA/g4IAJ5GOsEusiQT9vzkAKHVxtZC
b8sBCsgCN7DAZxOnT+Q7kvBbo7wPwY429Hr3jdtHEBDNZkpVs0iMv5fruPKiwl/O
gOPybj1v5YUanCIwLri7Rgius7WzayohSCEY3ATys9V1anZaetWVOiPSd1Jnj22B
98WChNRlos4EYMpXQFYBuuM2s03pBWjqDCpCc0JX2rbZoEmZg200fJIUgjBkUWwX
y7WgFP2Xt6VqS+dkC4dWg7KinQFjfScX2/A710nN57t8zFwZhcTTa81Yb5WNrKqd
L8Q8YCqaMVxVVP9KxcAVSD+SCk4+VzCsj2bTeG8qmiOK0lrkwLfZRhgtXR2dQjw=
=UOUX
-----END PGP SIGNATURE-----

From 2600denver at gmail.com  Sun Sep 27 13:53:26 2009
From: 2600denver at gmail.com (Ringo)
Date: Sun, 27 Sep 2009 16:53:26 -0400
Subject: [Enigmail] Some weird problems with Enigmail
In-Reply-To: <4ABFCF63.8070601@gmail.com>
References: <4ABFC226.8050902@gmail.com> <4ABFCF63.8070601@gmail.com>
Message-ID: <4ABFD0C6.2050207@gmail.com>

"As far as I know, GnuPG2 requires the usage of gpg-agent. So if you
remove gpg-agent, GnuPG2 won't work, and Enigmail requires a working
GnuPG in order to function."

Sorry, I probably should have made this a little more clear. I removed
GNUPG2 so I am back to GNUPG (gpg v1). This is when I started getting
the weird errors.

From patrick at mozilla-enigmail.org  Mon Sep 28 02:11:16 2009
From: patrick at mozilla-enigmail.org (Patrick Brunschwig)
Date: Mon, 28 Sep 2009 11:11:16 +0200
Subject: [Enigmail] OpenPGP error - sent per your request
In-Reply-To: <4ABD05AE.1040201@mozilla-enigmail.org>
References: <4ABBDCAF.6070607@comcast.net>
	<4ABD05AE.1040201@mozilla-enigmail.org>
Message-ID: <4AC07DB4.4060107@mozilla-enigmail.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Patrick Brunschwig wrote:
> Fred Gibbs wrote:
>> Hello,
>>
>> This error occured on both Thunderbird and SeaMonkey; new installations
>> on SuSE 11.1  x86..............I tried first with Thunderbird, it
>> failed, so I deleted the app and installed SeaMonkey and was met with
>> the same error.
>>
>> Both attempts accepted the default settings. Can you offer any help?
> 
> GnuPG says what's wrong: no pinentry program found when using gpg-agent.
> 
> This link gives a short description of why gpg-agent is needed for
> Enigmail and what needs to be done.

Sorry, forgot to add the link (thanks, Olav!):
<http://mozilla-enigmail.org/forum/viewtopic.php?f=10&t=249>

- -Patrick
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.12 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQEVAwUBSsB9sncOpHodsOiwAQjy8QgAw7a25XX8Dk/MCyfcGqMT5DZ3GTFn0M7+
mvVeQqmuYzlQBzSgoOYnIcgzRmwwsxBtcOcw0GcybYhN1Ay+B9Uni7W61qtWDDrH
mBA1PmwcJkdHN/gBgO0oFRiKaGd97OjrDCVWB9Sv+XpWCtVrNUaxch2oTM3wa/yi
HYS11gQQ6QmyfkmmkvkV711U9jhBYXgNYJ9yK/REd6tOZ3woy70BZU4qf2TzE7D6
N8G2MKvGhqp8Ka9kUD8O8NxtdrMkTWGkNYwhl9UR7pFQucDsLP70d7geMiPrOrob
EJuXHPC9i/pR6w9UECWY3LkMu5FqN5MCbsoeojmta0y9shoYOC7yMw==
=lrz0
-----END PGP SIGNATURE-----

From patrick at mozilla-enigmail.org  Mon Sep 28 02:13:48 2009
From: patrick at mozilla-enigmail.org (Patrick Brunschwig)
Date: Mon, 28 Sep 2009 11:13:48 +0200
Subject: [Enigmail] Some weird problems with Enigmail
In-Reply-To: <4ABFD0C6.2050207@gmail.com>
References: <4ABFC226.8050902@gmail.com> <4ABFCF63.8070601@gmail.com>
	<4ABFD0C6.2050207@gmail.com>
Message-ID: <4AC07E4C.3050507@mozilla-enigmail.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Ringo wrote:
> "As far as I know, GnuPG2 requires the usage of gpg-agent. So if you
> remove gpg-agent, GnuPG2 won't work, and Enigmail requires a working
> GnuPG in order to function."
> 
> Sorry, I probably should have made this a little more clear. I removed
> GNUPG2 so I am back to GNUPG (gpg v1). This is when I started getting
> the weird errors.

Then you should make sure that there is no environment variable
GPG_AGENT_INFO and disable the option "Use gpg-agent for passphrases" in
the advanced section of the OpenPGP Preferences.

- -Patrick
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.12 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQEVAwUBSsB+SncOpHodsOiwAQgYUwgAo38wpvG2azex7ib+Wfj8v4SUxBfA2ZtD
TxYLq0u8HGOHAG4d5l+7KjRTJqmnxLJhdqcuRfkX3hM3RUUoCFc4ztuTtsphoB26
2kKPJxp7vlTnGcUxZ6jnJSRXfXWqivh09Sb6NiFWfKN5013ifeOavgHEgyr3TlV/
eipRQxBUyQCiUMlWwv7vIXJvtv+WaraZ5MdmRzIGrVMXauNm1Zrmn+1bghaFPQYQ
JjZnpy0fiy9/5ZdELvdrWjeGiYFqgzJ0VdujeV0yMVD5GTTWq8Ncs3MWeT+MeeiK
ifMs4tymLmlwUp6ZPc98kJkvH2WSNRWPbfQs7hb28kE3ZzoSkqYwBA==
=VgIC
-----END PGP SIGNATURE-----

From 2600denver at gmail.com  Mon Sep 28 12:00:23 2009
From: 2600denver at gmail.com (Ringo)
Date: Mon, 28 Sep 2009 15:00:23 -0400
Subject: [Enigmail] Some weird problems with Enigmail
In-Reply-To: <4AC07E4C.3050507@mozilla-enigmail.org>
References: <4ABFC226.8050902@gmail.com>
	<4ABFCF63.8070601@gmail.com>	<4ABFD0C6.2050207@gmail.com>
	<4AC07E4C.3050507@mozilla-enigmail.org>
Message-ID: <4AC107C7.9030407@gmail.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

It seems that all that was required was to restart my computer. Either
that or the problem fixed itself some other way.

Thanks,
Ringo

Patrick Brunschwig wrote:
> Ringo wrote:
>> "As far as I know, GnuPG2 requires the usage of gpg-agent. So if you
>> remove gpg-agent, GnuPG2 won't work, and Enigmail requires a working
>> GnuPG in order to function."
> 
>> Sorry, I probably should have made this a little more clear. I removed
>> GNUPG2 so I am back to GNUPG (gpg v1). This is when I started getting
>> the weird errors.
> 
> Then you should make sure that there is no environment variable
> GPG_AGENT_INFO and disable the option "Use gpg-agent for passphrases" in
> the advanced section of the OpenPGP Preferences.
> 
> -Patrick
_______________________________________________
Enigmail mailing list
Enigmail at mozdev.org
https://www.mozdev.org/mailman/listinfo/enigmail

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEARECAAYFAkrBB1YACgkQVRztCIhay+tqdgCfY2Hm+MgviHp9y1PFMB6l725E
22kAniKtmMhaiCTJHG+a1ewZ/CqttuOM
=egrw
-----END PGP SIGNATURE-----

From listen at story-games.at  Mon Sep 28 16:00:57 2009
From: listen at story-games.at (Aaron)
Date: Tue, 29 Sep 2009 01:00:57 +0200
Subject: [Enigmail] Unable to import attached keys
Message-ID: <4AC14029.3000902@story-games.at>

Hi everybody, I recently got into enigmail/gnupg again and for the most
part it workes without issues. I've only hit one problem though: If the
person I'm communicating with sends his public key as an attachment, I
can't import it through Enigmail.

It works if the same key is copied to the clipboard and pasted into the
mail, but fails even if I attach a key from my own keyring to a mail to
myself.

I'm using Enigmail 0.96.0, Thunderbird 2.0.0.23 and Gnupg 1.4.10 on a
Vista PC.

Anybody have any idea what is the issue here and how I might solve it?

Thanks in advance,

Aaron

From jmoore3rd at bellsouth.net  Mon Sep 28 16:09:49 2009
From: jmoore3rd at bellsouth.net (John W. Moore III)
Date: Mon, 28 Sep 2009 19:09:49 -0400
Subject: [Enigmail] Unable to import attached keys
In-Reply-To: <4AC14029.3000902@story-games.at>
References: <4AC14029.3000902@story-games.at>
Message-ID: <4AC1423D.5040108@bellsouth.net>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Aaron wrote:

> Anybody have any idea what is the issue here and how I might solve it?

Well, since You're using an M$ O/S then I'd first like to ask what
happens when You 'Right Click' and choose 'OPEN'?  What App is selected
as Default?

Do You also have another GnuPG Frontend installed like GPGshell?
[http://www.jumaros.de/rsoft/index.html]  If so then Set GPG Tools as
the default App to Open files with OpenPGP extensions. [easily
accomplished during GPGshell install]

In Your Thunderbird 'Options' do You have 'Display Attachments' enabled?

JOHN ;)
Timestamp: Monday 28 Sep 2009, 19:09  --400 (Eastern Daylight Time)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (MingW32)
Comment: Public Key at:  http://tinyurl.com/8cpho
Comment: Gossamer Spider Web of Trust: http://www.gswot.org
Comment: Personal Web Page:  http://tinyurl.com/yzhbhx

iQEcBAEBCgAGBQJKwUI8AAoJEBCGy9eAtCsP0VAH/1NcGgAZrAVjFoDz7jk+js0c
x5IO9P74N1AYjkolUTGVjkgf0zcH+8b6HzW66gJ+fvM+8c2sCKlPNC0PS/G0J9BV
DD/agUHfbgCYwt53U2vNR5DlziFX6y4SGMHeK/RnMET0ntU0/icSP9gDRFy22JU9
PtBnWvBnCRczpdFrrnE84mKDdRlnZ6XytpBTT7MefOJotQRlC32amCVuwRfkYh0i
ngVdFKdCaKJ8Z3id/mea6LtbyIhzmMR75WLL9JzB1szjqJopZsIpGWiK0a5aQE1c
kjFVmEInN8VG4CDlN1N/EkL6cAUoYdM1x4zTbDbxgiGaZmc0faxTfkMbKG+jNyk=
=FV2n
-----END PGP SIGNATURE-----

From listen at story-games.at  Mon Sep 28 16:37:56 2009
From: listen at story-games.at (Aaron)
Date: Tue, 29 Sep 2009 01:37:56 +0200
Subject: [Enigmail] Unable to import attached keys
In-Reply-To: <4AC1423D.5040108@bellsouth.net>
References: <4AC14029.3000902@story-games.at> <4AC1423D.5040108@bellsouth.net>
Message-ID: <4AC148D4.90407@story-games.at>

John W. Moore III wrote:
> Well, since You're using an M$ O/S then I'd first like to ask what
> happens when You 'Right Click' and choose 'OPEN'?  What App is selected
> as Default?

None for the .asc file ending of the attached public so, so when I
select "Open" I have to choose a problem. That wasn't what I tried,
though. I tried choosing Right Click -> Import OpenPGP Key, but then I
got the error message "Error: Key Importing Failed, Error: No valid
armored OpenPGP block found".

> Do You also have another GnuPG Frontend installed like GPGshell?
> [http://www.jumaros.de/rsoft/index.html]  If so then Set GPG Tools as
> the default App to Open files with OpenPGP extensions. [easily
> accomplished during GPGshell install]

I have WinPT installed, but don't really use it. I'll try that, though.
Still, it seems weird that the "Import OpenPGP Key" option doesn't work
when it works just fine with a more or less identical (as far as TB,
Enigmail and Gnupg versions) install on another (XP) machine.

> 
> In Your Thunderbird 'Options' do You have 'Display Attachments' enabled?

The only attachment-related option I found if TBs "Options" are about
whether I want to be asked where to safe an attachment or if it should
be safed in a specific location. I didn't see any "Display Attachment"
option and in any case I see the attachment, I can click and safe it and
so on. It's just that the ricght-click "Import OpenPGP Key" option
doesn't seem to work for some reason. :)

Aaron

From listen at story-games.at  Mon Sep 28 16:40:51 2009
From: listen at story-games.at (Aaron)
Date: Tue, 29 Sep 2009 01:40:51 +0200
Subject: [Enigmail] Unable to import attached keys
In-Reply-To: <4AC148D4.90407@story-games.at>
References: <4AC14029.3000902@story-games.at> <4AC1423D.5040108@bellsouth.net>
	<4AC148D4.90407@story-games.at>
Message-ID: <4AC14983.4070909@story-games.at>

Aaron wrote:

> None for the .asc file ending of the attached public so, so when I
> select "Open" I have to choose a problem. 

Argh, I mean I have to choose a *program*. Time to go to bed, I guess. :D

Aaron

From jmoore3rd at bellsouth.net  Mon Sep 28 16:48:20 2009
From: jmoore3rd at bellsouth.net (John W. Moore III)
Date: Mon, 28 Sep 2009 19:48:20 -0400
Subject: [Enigmail] Unable to import attached keys
In-Reply-To: <4AC148D4.90407@story-games.at>
References: <4AC14029.3000902@story-games.at> <4AC1423D.5040108@bellsouth.net>
	<4AC148D4.90407@story-games.at>
Message-ID: <4AC14B44.8080904@bellsouth.net>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Aaron wrote:

> The only attachment-related option I found if TBs "Options" are about
> whether I want to be asked where to safe an attachment or if it should
> be safed in a specific location. I didn't see any "Display Attachment"
> option and in any case I see the attachment, I can click and safe it and
> so on. It's just that the ricght-click "Import OpenPGP Key" option
> doesn't seem to work for some reason. :)

- From the Menu:  'View' >> 'Display Attachments Inline' and this might
allow You to use the 'Decrypt' button.

JOHN ;)
Timestamp: Monday 28 Sep 2009, 19:48  --400 (Eastern Daylight Time)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (MingW32)
Comment: Public Key at:  http://tinyurl.com/8cpho
Comment: Gossamer Spider Web of Trust: http://www.gswot.org
Comment: Personal Web Page:  http://tinyurl.com/yzhbhx

iQEcBAEBCgAGBQJKwUtCAAoJEBCGy9eAtCsP2V0H/A5Vs1a9UlhoyW6A7KUURwua
hsrxGAyjz02O+yTgWd0EupHfOei54F/m+EYs1PH8bH0OTQRWASrxV9J3PvmkOKQ/
AXoPeRoatIzZbMjE8f8XX83P3/kJwvvx/hF/rVpNhepX8602eQgQNVv/6dP51kjM
CQUTGcrzqMzUp3yDVuG12OBuFwvXAFJa/tw4FF0mMT6hnJnvhiaTe6673YM6Tvt0
QNli2/8JAwkHQtHzieioDP1A9EbUtJmSFFBiNKcK19DsC4aAl/PKthBwMmODwB3l
TMfigbBKoN1hHKpjWYPVkdaPU98Ql1pxqSnoY+8xIDgEhoZpPrgJ29048tieIxA=
=yYtD
-----END PGP SIGNATURE-----

From jmoore3rd at bellsouth.net  Mon Sep 28 16:49:04 2009
From: jmoore3rd at bellsouth.net (John W. Moore III)
Date: Mon, 28 Sep 2009 19:49:04 -0400
Subject: [Enigmail] Unable to import attached keys
In-Reply-To: <4AC14983.4070909@story-games.at>
References: <4AC14029.3000902@story-games.at>
	<4AC1423D.5040108@bellsouth.net>	<4AC148D4.90407@story-games.at>
	<4AC14983.4070909@story-games.at>
Message-ID: <4AC14B70.9090303@bellsouth.net>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Aaron wrote:
> Aaron wrote:
> 
>> None for the .asc file ending of the attached public so, so when I
>> select "Open" I have to choose a problem. 
> 
> Argh, I mean I have to choose a *program*. 

Try 'choosing' WinPT.

JOHN ;)
Timestamp: Monday 28 Sep 2009, 19:49  --400 (Eastern Daylight Time)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (MingW32)
Comment: Public Key at:  http://tinyurl.com/8cpho
Comment: Gossamer Spider Web of Trust: http://www.gswot.org
Comment: Personal Web Page:  http://tinyurl.com/yzhbhx

iQEcBAEBCgAGBQJKwUtvAAoJEBCGy9eAtCsPpJ4H/0dsQHL/9JUwYkBIvMPjQdSh
ugqN3F0MuWGmNlNsbV22xK+AcA5HjhDhANsrpyMCBpQCIOkfQKj9YXOWj3XF/RhC
K4ZlPOMIX9F6qHvO88jFWZi9meajkyUCn7UchH05jDxCp2Sd+JU9MvpdwfIK592L
14q8OgxtfN/XCEx9hn2Zq4WX9pd0T1zsNvEiu3Z0HQbtC/0n7Ap0Iw2+0SGL+Zi+
6GHaZTcGkwz3C5Kgqe4n8RxQ/QwUDACo3QTVF0YHByNplVcEJEzMejMkQQHtbsSu
052bOI1ZbXQ2w8Ex5IulFT21Rx2w5OR0ItHPmlK2hbfsTa4rRJbpryBoR3ms0XU=
=XoX3
-----END PGP SIGNATURE-----

From listen at story-games.at  Mon Sep 28 17:03:08 2009
From: listen at story-games.at (Aaron)
Date: Tue, 29 Sep 2009 02:03:08 +0200
Subject: [Enigmail] Unable to import attached keys
In-Reply-To: <4AC14B44.8080904@bellsouth.net>
References: <4AC14029.3000902@story-games.at>
	<4AC1423D.5040108@bellsouth.net>	<4AC148D4.90407@story-games.at>
	<4AC14B44.8080904@bellsouth.net>
Message-ID: <4AC14EBC.8030406@story-games.at>

John W. Moore III wrote:
> - From the Menu:  'View' >> 'Display Attachments Inline' and this might
> allow You to use the 'Decrypt' button.
> 
> JOHN ;)
> Timestamp: Monday 28 Sep 2009, 19:48  --400 (Eastern Daylight Time)

This option is already activated. Also, the problem is not that I can't
decrypt mails themselves, that works perfectly fine. What doesn't work
is right-clicking on the attached public key and import it directly in
Enigmail, using the "Import OpenPGP Key" option.

Or am I missing something here?

John W. Moore III wrote:
> Try 'choosing' WinPT.
>
> JOHN ;)
> Timestamp: Monday 28 Sep 2009, 19:49  --400 (Eastern Daylight Time)

Tried it and importing the key using WinPT seems to work. Still finding
SOME way to import a key isn't really the issue, as I could just as well
copy-paste it into the mail itself and import it that way. It's just
annoyingly confusing that there is this big shiney option right there in
Enigmail that works at my gfs machine but not on this one.

Still, thanks for the help.

Aaron

From dkg at fifthhorseman.net  Mon Sep 28 17:35:29 2009
From: dkg at fifthhorseman.net (Daniel Kahn Gillmor)
Date: Mon, 28 Sep 2009 20:35:29 -0400
Subject: [Enigmail] enigmail should never sign drafts
Message-ID: <4AC15651.8040006@fifthhorseman.net>

I find that when i am writing a message in thunderbird with enigmail
installed, and the message is set to be both signed and encrypted,
thunderbird tries to sign and encrypt my drafts before saving them.

I'm all for encrypting drafts (they should be only self-encrypted, not
encrypted to the recipient, since that might be under draft
consideration as well), but the drafts should certainly never be signed.
 Not only does this behavior leave me with signed half-thoughts, but it
interrupts my workflow by prompting me for a signing passphrase, and
then going through a series of (3?) prompts if i cancel the signature
for the draft.

I'm seeing this on a Debian system, running icedove 2.0.0.22-1 (from
unstable) and enigmail 0.95.7-1 (from experimental).  I'm using gnupg
1.4.10-2, if that matters.

possibly-relevant settings:

 * "Remember passphrase for __ minutes of idle time" is set to 0

 * "never ask for any passphrase" is checked

 * "Use gpg-agent for passphrases" is *not* checked.

 * my gpg installation knows how to use the gpg-agent itself

 * "Add my own key to the recipients list" is checked.


Can other folks replicate this behavior (signed drafts)?  Any thoughts
about what the right behavior should be?

	--dkg

PS I reported this bug against the debian package back in 2008, but i
don't think it ever got forwarded upstream:

  http://bugs.debian.org/508766


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 891 bytes
Desc: OpenPGP digital signature
URL: <http://www.mozdev.org/pipermail/enigmail/attachments/20090928/8c011627/attachment.bin>

From jedi_darklighter at hotmail.com  Tue Sep 29 16:12:51 2009
From: jedi_darklighter at hotmail.com (Biggs Darklighter)
Date: Tue, 29 Sep 2009 18:12:51 -0500
Subject: [Enigmail] Key Photo
Message-ID: <BLU0-SMTP64EE919FD171E2D284ED56E7D50@phx.gbl>

Im sure this is a fairly simple and easy question to answer but I cant
seem to find it. How do you attach a picture to your key using GnuPG 1.4.9 ?
-- 
Take care and may God be with you.
Sincerely,
           Chris

KeyID: 0x348DC808
Keyserver: pool.sks-keyservers.net

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 897 bytes
Desc: OpenPGP digital signature
URL: <http://www.mozdev.org/pipermail/enigmail/attachments/20090929/875e6ce9/attachment.bin>

From jmoore3rd at bellsouth.net  Tue Sep 29 16:25:12 2009
From: jmoore3rd at bellsouth.net (John W. Moore III)
Date: Tue, 29 Sep 2009 19:25:12 -0400
Subject: [Enigmail] Key Photo
In-Reply-To: <BLU0-SMTP64EE919FD171E2D284ED56E7D50@phx.gbl>
References: <BLU0-SMTP64EE919FD171E2D284ED56E7D50@phx.gbl>
Message-ID: <4AC29758.6050402@bellsouth.net>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Biggs Darklighter wrote:
> Im sure this is a fairly simple and easy question to answer but I cant
> seem to find it. How do you attach a picture to your key using GnuPG 1.4.9 ?

Simply 'Add' the pic as a User ID under Enigmail Key Management.

HTH

JOHN ;)
Timestamp: Tuesday 29 Sep 2009, 19:25  --400 (Eastern Daylight Time)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (MingW32)
Comment: Public Key at:  http://tinyurl.com/8cpho
Comment: Gossamer Spider Web of Trust: http://www.gswot.org
Comment: Personal Web Page:  http://tinyurl.com/yzhbhx

iQEcBAEBCgAGBQJKwpdWAAoJEBCGy9eAtCsPK1YIAJLRWkd2ufe++JE0K21ubK3M
rDPJsihwsRxTjd2f8CDm4o2mSO18Jz6dF5PCoShfkyPX0RtxSBmIXKMcy/wOuayf
2m8Yow0czYf5CwfKMmMUJk4trfZOUkFZzeds45A/1HyMHtLRrHAxic99d97seI7y
PcsOPSQ5fpDm4KvS7NqMsWpiWktqOnYGpgYagx1qSxuZjcDJqHC0vOouXLW+bGxd
DkZpOkScGYZmF+atoI3phHcCmXVzPwbKmmMlAqUZfj4ZrM1ZSTTEwMUh1ra0gaJg
oUvkIBFWEh1+I5620D4ioX+HpJ41v1cIV2gJl6Ksf2hXH7xvdE25eiwz60wq1sA=
=dIJA
-----END PGP SIGNATURE-----

From John at Mozilla-Enigmail.org  Tue Sep 29 16:47:21 2009
From: John at Mozilla-Enigmail.org (John Clizbe)
Date: Tue, 29 Sep 2009 18:47:21 -0500
Subject: [Enigmail] Key Photo
In-Reply-To: <BLU0-SMTP64EE919FD171E2D284ED56E7D50@phx.gbl>
References: <BLU0-SMTP64EE919FD171E2D284ED56E7D50@phx.gbl>
Message-ID: <4AC29C89.9020006@Mozilla-Enigmail.org>

Biggs Darklighter wrote:
> Im sure this is a fairly simple and easy question to answer but I cant
> seem to find it. How do you attach a picture to your key using GnuPG 1.4.9 ?

Well, you can add it in Enigmail's Key Management applet... but since you asked
how in GnuPG 1.4.9:

     gpg --edit-key 0xdecafbad addphoto

Image must be a JPEG. Size it close to 240x288. Try to keep it <= 6KB
Think "Passport Photo" and you'll do just fine.

-- 
John P. Clizbe                      Inet:John (a) Mozilla-Enigmail.org
You can't spell fiasco without SCO. hkp://keyserver.gingerbear.net  or
     mailto:pgp-public-keys at gingerbear.net?subject=HELP

Q:"Just how do the residents of Haiku, Hawai'i hold conversations?"
A:"An odd melody / island voices on the winds / surplus of vowels"

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 679 bytes
Desc: OpenPGP digital signature
URL: <http://www.mozdev.org/pipermail/enigmail/attachments/20090929/b3fdca01/attachment.bin>

From jedi_darklighter at hotmail.com  Tue Sep 29 18:23:52 2009
From: jedi_darklighter at hotmail.com (Biggs Darklighter)
Date: Tue, 29 Sep 2009 20:23:52 -0500
Subject: [Enigmail] Key Photo
In-Reply-To: <4AC29C89.9020006@Mozilla-Enigmail.org>
References: <BLU0-SMTP64EE919FD171E2D284ED56E7D50@phx.gbl>
	<4AC29C89.9020006@Mozilla-Enigmail.org>
Message-ID: <BLU0-SMTP9191792D95524DCF08B112E7D40@phx.gbl>

I cant seem to find it under the Key Management applet and when i type
"gpg --edit-key 0x348dc808 addphoto " the program does nothing. I am
using Thunderbird 2.0.0.23, enigmail 0.96.0, GnuPG 1.4.9 as a portable
application from portableapps.com. I dont know if this function was
disabled in there programming or not. Any ideas?
Take care and may God be with you.
Sincerely,
           Chris


KeyID: 0x348DC808
Keyserver: pool.sks-keyservers.net

John Clizbe wrote:
> Biggs Darklighter wrote:
>> Im sure this is a fairly simple and easy question to answer but I cant
>> seem to find it. How do you attach a picture to your key using GnuPG 1.4.9 ?
> 
> Well, you can add it in Enigmail's Key Management applet... but since you asked
> how in GnuPG 1.4.9:
> 
>      gpg --edit-key 0xdecafbad addphoto
> 
> Image must be a JPEG. Size it close to 240x288. Try to keep it <= 6KB
> Think "Passport Photo" and you'll do just fine.
> 
> 
> 
> ------------------------------------------------------------------------
> 
> _______________________________________________
> Enigmail mailing list
> Enigmail at mozdev.org
> https://www.mozdev.org/mailman/listinfo/enigmail

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 897 bytes
Desc: OpenPGP digital signature
URL: <http://www.mozdev.org/pipermail/enigmail/attachments/20090929/098d3bc1/attachment.bin>

From post at lespocky.de  Wed Sep 30 00:48:35 2009
From: post at lespocky.de (Alexander Dahl)
Date: Wed, 30 Sep 2009 09:48:35 +0200
Subject: [Enigmail] enigmail should never sign drafts
In-Reply-To: <4AC15651.8040006@fifthhorseman.net>
References: <4AC15651.8040006@fifthhorseman.net>
Message-ID: <0McPxo-1MbN2f4ALY-00HifE@mrelayeu.kundenserver.de>

Hei,

> Can other folks replicate this behavior (signed drafts)?  Any thoughts
> about what the right behavior should be?

I know this behaviour and it's annoying to type your passphrase in the
middle of writing a longer mail several times with no obvious use. I'm
using enigmail quite a while now on Windows, Debian and other systems,
so I'm not entirely sure, where this occurs exactly. I'll watch this and
report.

Greets
Alex

-- 
?With the first link, the chain is forged. The first speech censured,
the first thought forbidden, the first freedom denied, chains us all
irrevocably.? (Jean-Luc Picard, quoting Judge Aaron Satie)
*** GnuPG-FP: 02C8 A590 7FE5 CA5F 3601  D1D5 8FBA 7744 CC87 10D0 ***

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 259 bytes
Desc: OpenPGP digital signature
URL: <http://www.mozdev.org/pipermail/enigmail/attachments/20090930/cd3dd8d0/attachment.bin>

From patrick at mozilla-enigmail.org  Wed Sep 30 08:16:41 2009
From: patrick at mozilla-enigmail.org (Patrick Brunschwig)
Date: Wed, 30 Sep 2009 17:16:41 +0200
Subject: [Enigmail] enigmail should never sign drafts
In-Reply-To: <0McPxo-1MbN2f4ALY-00HifE@mrelayeu.kundenserver.de>
References: <4AC15651.8040006@fifthhorseman.net>
	<0McPxo-1MbN2f4ALY-00HifE@mrelayeu.kundenserver.de>
Message-ID: <4AC37659.6060701@mozilla-enigmail.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Alexander Dahl wrote:
> Hei,
> 
>> Can other folks replicate this behavior (signed drafts)?  Any thoughts
>> about what the right behavior should be?
> 
> I know this behaviour and it's annoying to type your passphrase in the
> middle of writing a longer mail several times with no obvious use. I'm
> using enigmail quite a while now on Windows, Debian and other systems,
> so I'm not entirely sure, where this occurs exactly. I'll watch this and
> report.

Enigmail only automatically signs drafts if you once instructed Enigmail
to do so. When auto-saving, there is a question asking if the draft
should be encrypted with a checkbox "Do not ask again". If you clicked
"yes" and activated that checkbox, then the obvious happens: Enigmail
will encrypt any future drafts.

To reset any warnings, go to OpenPGP > Preferences, click on "Display
expert settings"; then switch to the "Advanced" tab and click on "Reset
Warnings".

- -Patrick
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.12 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQEVAwUBSsN2V3cOpHodsOiwAQjFfggAohMhAkhq6HzZgOecPg9BIdsF4mfWcwVt
1QbJEjXOXwoG5rX7s9akXns8Lm054Q+iyLvylFUIOwRMw7pnmrV+eyMtOJF97Vlv
NRBCAoGO89kKnm0QNwY/gBS+EdGRAL2RQodids3pCXdTtjd5U4f1WjFfaVJU3Pup
q5Sq7WMPhHp081fz4KWEv9gGbPVIMJNfC0PtGpzXbK+eoZZq9kk9QgxRbZlhatvO
urvLh+hBw/8FHOfKMx8qcVoflGB9qj35W595vnWTBjrWjUA9GYOHrAMwN3zZNj2b
d8rFZKWbSWFQaJc1sVVeYrs4626tspL4KyfRbjBxpxVlu1LzEHwz8Q==
=VItz
-----END PGP SIGNATURE-----

From patrick at mozilla-enigmail.org  Wed Sep 30 08:28:10 2009
From: patrick at mozilla-enigmail.org (Patrick Brunschwig)
Date: Wed, 30 Sep 2009 17:28:10 +0200
Subject: [Enigmail] Key Photo
In-Reply-To: <4AC29758.6050402@bellsouth.net>
References: <BLU0-SMTP64EE919FD171E2D284ED56E7D50@phx.gbl>
	<4AC29758.6050402@bellsouth.net>
Message-ID: <4AC3790A.7010806@mozilla-enigmail.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

John W. Moore III wrote:
> Biggs Darklighter wrote:
>> Im sure this is a fairly simple and easy question to answer but I cant
>> seem to find it. How do you attach a picture to your key using GnuPG 1.4.9 ?
> 
> Simply 'Add' the pic as a User ID under Enigmail Key Management.

I'm not aware of having implemented such a function yet ... ;-)

- -Patrick
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.12 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQEVAwUBSsN5AHcOpHodsOiwAQi54wf/XxaWFCxNOB3ZFoY6R3ZFtKxqTXAlSTjS
A4KaRSfXMslXcGQlRx8upgSAbwAX+XIAJqtTlAJFnVYc/q6ewg5oEc6jvanfRQZI
/4dXXgwgSja/OC1vfq449J4XyD05CzgO9sOJEEB4cQPDXYkNaUGQMXC3xYA5qoIm
KaWUlGhffGbQcnIOpB4lJa8lXqfI92WDfhTmN0jpDh22K0nBNvAMFU97mQSuRk7z
Qn3nRkc+f1pDY9PhV9aSN5yKXcFxqZ8f2vyBMNLbwVG6YBTr+OY4PCXbduOd2Ikg
kSK5RT7UaFjzxwfPEbaVPfUwKk2aViStX2t/cCTLJnENy1mLPCAymA==
=4Vb5
-----END PGP SIGNATURE-----

From dkg at fifthhorseman.net  Wed Sep 30 09:16:55 2009
From: dkg at fifthhorseman.net (Daniel Kahn Gillmor)
Date: Wed, 30 Sep 2009 12:16:55 -0400
Subject: [Enigmail] enigmail should never sign drafts
In-Reply-To: <4AC37659.6060701@mozilla-enigmail.org>
References: <4AC15651.8040006@fifthhorseman.net>	<0McPxo-1MbN2f4ALY-00HifE@mrelayeu.kundenserver.de>
	<4AC37659.6060701@mozilla-enigmail.org>
Message-ID: <4AC38477.7080808@fifthhorseman.net>

On 09/30/2009 11:16 AM, Patrick Brunschwig wrote:
> Enigmail only automatically signs drafts if you once instructed Enigmail
> to do so. When auto-saving, there is a question asking if the draft
> should be encrypted with a checkbox "Do not ask again". If you clicked
> "yes" and activated that checkbox, then the obvious happens: Enigmail
> will encrypt any future drafts.

but encryption is not signing.  I *want* enigmail to encrypt my drafts.
 I *do not want* enigmail to ever attempt to *sign* my drafts.

I can't see why anyone would want to sign their drafts, for that matter.

> To reset any warnings, go to OpenPGP > Preferences, click on "Display
> expert settings"; then switch to the "Advanced" tab and click on "Reset
> Warnings".

Will this let me distinguish between signing and encryption of drafts?

	--dkg

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 891 bytes
Desc: OpenPGP digital signature
URL: <http://www.mozdev.org/pipermail/enigmail/attachments/20090930/8730f4ee/attachment.bin>

From patrick at mozilla-enigmail.org  Wed Sep 30 09:30:26 2009
From: patrick at mozilla-enigmail.org (Patrick Brunschwig)
Date: Wed, 30 Sep 2009 18:30:26 +0200
Subject: [Enigmail] enigmail should never sign drafts
In-Reply-To: <4AC38477.7080808@fifthhorseman.net>
References: <4AC15651.8040006@fifthhorseman.net>	<0McPxo-1MbN2f4ALY-00HifE@mrelayeu.kundenserver.de>	<4AC37659.6060701@mozilla-enigmail.org>
	<4AC38477.7080808@fifthhorseman.net>
Message-ID: <4AC387A2.5040301@mozilla-enigmail.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Daniel Kahn Gillmor wrote:
> On 09/30/2009 11:16 AM, Patrick Brunschwig wrote:
>> Enigmail only automatically signs drafts if you once instructed Enigmail
>> to do so. When auto-saving, there is a question asking if the draft
>> should be encrypted with a checkbox "Do not ask again". If you clicked
>> "yes" and activated that checkbox, then the obvious happens: Enigmail
>> will encrypt any future drafts.
> 
> but encryption is not signing.  I *want* enigmail to encrypt my drafts.
>  I *do not want* enigmail to ever attempt to *sign* my drafts.

If you choose to encrypt drafts, Enigmail simply uses the signing &
encryption settings of the message. but you're right, that doesn't seem
to be very clever. I'll fix it.

> 
> I can't see why anyone would want to sign their drafts, for that matter.
> 
>> To reset any warnings, go to OpenPGP > Preferences, click on "Display
>> expert settings"; then switch to the "Advanced" tab and click on "Reset
>> Warnings".
> 
> Will this let me distinguish between signing and encryption of drafts?

not yet

- -Patrick
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.12 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQEVAwUBSsOHoHcOpHodsOiwAQgXiwgAtk67ppwckl1IE+MLakjJVqCv3G365kj+
11cAlNGfR11pVFDAUKVt1QcRgj/Nu1YhNfp4O6TEvgVTReL5NAjuQOq1O7nWDAFk
HRqlqisPUwlUqSQAzw7gw2Pdx4CZCtS18OxOOUrz2qacR+Ddr6bRPim7KM3ooY54
eVeY+X5V7doTCSpL8StvO20kRLTw4WQQQx2YvPx5xFDJViQOadq37LuJtmQeL8KZ
dnA8PewzIE2YZoEwt+LeFPpTEDg2xp8qSpOb145Hq6KRITCZbrMt0oemWF9pQcSd
McH8R8w+3MQzOYJMF/FuO9SOSkqGBFwFIjD8edgjlNKJa0ilieKaDw==
=lqTr
-----END PGP SIGNATURE-----

From dkg at fifthhorseman.net  Wed Sep 30 10:35:29 2009
From: dkg at fifthhorseman.net (Daniel Kahn Gillmor)
Date: Wed, 30 Sep 2009 13:35:29 -0400
Subject: [Enigmail] enigmail should never sign drafts
In-Reply-To: <4AC387A2.5040301@mozilla-enigmail.org>
References: <4AC15651.8040006@fifthhorseman.net>	<0McPxo-1MbN2f4ALY-00HifE@mrelayeu.kundenserver.de>	<4AC37659.6060701@mozilla-enigmail.org>	<4AC38477.7080808@fifthhorseman.net>
	<4AC387A2.5040301@mozilla-enigmail.org>
Message-ID: <4AC396E1.4080404@fifthhorseman.net>

On 09/30/2009 12:30 PM, Patrick Brunschwig wrote:
> If you choose to encrypt drafts, Enigmail simply uses the signing &
> encryption settings of the message. but you're right, that doesn't seem
> to be very clever. I'll fix it.

Thanks, Patrick!  While you're digging around in that part of the code,
i suggest that the encryption of drafts should *only* be "encrypt to
self", not to any potential (draft) recipients.

My reasoning for this is that everything (even the recipient list) has
not been committed to by the author of the message.  If Alice's enigmail
encrypts her draft to the potential recipient Bob, and Bob has access to
Alice's draft folder, Bob can read something that Alice has not yet
decided to send to Bob.  (e.g. an angry "why is my sysadmin so stupid"
letter, an "i quit" letter, etc)

Regards,

	--dkg

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 891 bytes
Desc: OpenPGP digital signature
URL: <http://www.mozdev.org/pipermail/enigmail/attachments/20090930/ac82fb44/attachment-0001.bin>

From jmoore3rd at bellsouth.net  Wed Sep 30 11:11:53 2009
From: jmoore3rd at bellsouth.net (John W. Moore III)
Date: Wed, 30 Sep 2009 14:11:53 -0400
Subject: [Enigmail] Key Photo
In-Reply-To: <4AC3790A.7010806@mozilla-enigmail.org>
References: <BLU0-SMTP64EE919FD171E2D284ED56E7D50@phx.gbl>	<4AC29758.6050402@bellsouth.net>
	<4AC3790A.7010806@mozilla-enigmail.org>
Message-ID: <4AC39F69.1010108@bellsouth.net>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Patrick Brunschwig wrote:
> John W. Moore III wrote:
>> Biggs Darklighter wrote:
>>> Im sure this is a fairly simple and easy question to answer but I cant
>>> seem to find it. How do you attach a picture to your key using GnuPG 1.4.9 ?
> 
>> Simply 'Add' the pic as a User ID under Enigmail Key Management.
> 
> I'm not aware of having implemented such a function yet ... ;-)

Hmm...  Well, I guess I'm 'Busted'.  I don't really use the Enigmail Key
Manager functions.  My primary 'Key Manager' is GPGshell.  Occasionally
I use Enigmail's Key Manager to strip the revoked UID's from My copy of
My key. I would probably use 'Key Manager' more often if Enigmail
offered an easy way to access the --edit Command Line screen.

JOHN ;)
Timestamp: Wednesday 30 Sep 2009, 14:10  --400 (Eastern Daylight Time)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (MingW32)
Comment: Public Key at:  http://tinyurl.com/8cpho
Comment: Gossamer Spider Web of Trust: http://www.gswot.org
Comment: Personal Web Page:  http://tinyurl.com/yzhbhx

iQEcBAEBCgAGBQJKw59iAAoJEBCGy9eAtCsPh3kH/0FKNEsTM+air3wpzzNtZ2lt
RU4P1RUNbXSICrKJflKtVOPu5aXgD7z21NVNnHx468m2VgAb32u0502z+9dSZ7t8
LvnnD8fSDpcp+RdcIvMetmmSAOWnfU5lABFCdwOonxXzzbbtBwzceBCAraTMlHZA
p5d8/2YgrJOqpCWMq9q4nDXyLbIGnXzkEAqEHgxIyuwUAPeri9lrUy1yFM687hO9
Xy34sJkl/Y3HXsLHWRl4AQ08jAFDVCOYC8iAhqdgWLjdXLnSNfEpiwHI1C8DuF6j
AhanZqD/twqYf1xAx+j6UdD50ork6FhgsfSnfI+IJSdKQ/PKlbi/yHDOMHPeNgk=
=zSAd
-----END PGP SIGNATURE-----

From rjh at sixdemonbag.org  Wed Sep 30 11:24:16 2009
From: rjh at sixdemonbag.org (Robert J. Hansen)
Date: Wed, 30 Sep 2009 14:24:16 -0400
Subject: [Enigmail] enigmail should never sign drafts
In-Reply-To: <4AC38477.7080808@fifthhorseman.net>
References: <4AC15651.8040006@fifthhorseman.net>	<0McPxo-1MbN2f4ALY-00HifE@mrelayeu.kundenserver.de>	<4AC37659.6060701@mozilla-enigmail.org>
	<4AC38477.7080808@fifthhorseman.net>
Message-ID: <4AC3A250.1010803@sixdemonbag.org>

Daniel Kahn Gillmor wrote:
> I can't see why anyone would want to sign their drafts, for that matter.

Whenever anyone says "I can't see why anyone would want to X," it's
usually a good sign they haven't thought about it very much.

For instance, if I was a lawyer I would want every single electronic
document I prepared -- draft or not -- to be digitally signed.

If a judge asks me if I've taken due diligence with my electronic
documents, and the judge knows the correct answer involves digital
signatures, I want to be able to tell the judge, "yes, your honor, I
used digital signatures on everything."

I don't want to have to spend an hour persuading the judge that yes,
sure, I deviated from the local bar association's best-practices
recommendation, but that was only because their BPR was stupid and
didn't understand the problem.

If I succeed, then great, I'm not in trouble, but the judge will
probably think I'm a wiseass who thinks the rules don't apply to me.  If
I fail, then I'm in trouble /and/ the judge thinks I'm a wiseass who
broke rules that very definitely applied to me.

From dkg at fifthhorseman.net  Wed Sep 30 11:55:22 2009
From: dkg at fifthhorseman.net (Daniel Kahn Gillmor)
Date: Wed, 30 Sep 2009 14:55:22 -0400
Subject: [Enigmail] enigmail should never sign drafts
In-Reply-To: <4AC3A250.1010803@sixdemonbag.org>
References: <4AC15651.8040006@fifthhorseman.net>	<0McPxo-1MbN2f4ALY-00HifE@mrelayeu.kundenserver.de>	<4AC37659.6060701@mozilla-enigmail.org>	<4AC38477.7080808@fifthhorseman.net>
	<4AC3A250.1010803@sixdemonbag.org>
Message-ID: <4AC3A99A.8060104@fifthhorseman.net>

On 09/30/2009 02:24 PM, Robert J. Hansen wrote:
> Daniel Kahn Gillmor wrote:
>> I can't see why anyone would want to sign their drafts, for that matter.
> 
> Whenever anyone says "I can't see why anyone would want to X," it's
> usually a good sign they haven't thought about it very much.

fair enough, i walked right into that one by exposing a mental
generalizations on the internet.

> For instance, if I was a lawyer I would want every single electronic
> document I prepared -- draft or not -- to be digitally signed.

It looks like you've conflated legal drafts with e-mail drafts, so i'm
not sure we're talking about the same same issue.

If you sign all your e-mail drafts, what does your digital signature mean?

If i offer a signed e-mail from you as evidence of something that you
promised (for example), will you turn around and say "i never sent that,
it is meaningless because it was just a draft, and i sign all my drafts"?

If so, i'd suggest that your digital signature just lost some utility on
e-mail: what's to stop you from using that same defense around an e-mail
that i legitimately received?

> I don't want to have to spend an hour persuading the judge that yes,
> sure, I deviated from the local bar association's best-practices
> recommendation, but that was only because their BPR was stupid and
> didn't understand the problem.

If you could point me toward such a best-practices document, i'd be
interested in reading it.  The way you've described it, it sounds to me
that they've significantly diluted the meaning associated with the
signatures of those who follow their guidelines.

	--dkg

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 891 bytes
Desc: OpenPGP digital signature
URL: <http://www.mozdev.org/pipermail/enigmail/attachments/20090930/bb80062d/attachment.bin>

From alaric at metrocast.net  Wed Sep 30 13:18:29 2009
From: alaric at metrocast.net (Phil Stracchino)
Date: Wed, 30 Sep 2009 16:18:29 -0400
Subject: [Enigmail] enigmail should never sign drafts
In-Reply-To: <4AC396E1.4080404@fifthhorseman.net>
References: <4AC15651.8040006@fifthhorseman.net>	<0McPxo-1MbN2f4ALY-00HifE@mrelayeu.kundenserver.de>	<4AC37659.6060701@mozilla-enigmail.org>	<4AC38477.7080808@fifthhorseman.net>	<4AC387A2.5040301@mozilla-enigmail.org>
	<4AC396E1.4080404@fifthhorseman.net>
Message-ID: <4AC3BD15.5080802@metrocast.net>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Daniel Kahn Gillmor wrote:
> On 09/30/2009 12:30 PM, Patrick Brunschwig wrote:
>> If you choose to encrypt drafts, Enigmail simply uses the signing &
>> encryption settings of the message. but you're right, that doesn't seem
>> to be very clever. I'll fix it.
> 
> Thanks, Patrick!  While you're digging around in that part of the code,
> i suggest that the encryption of drafts should *only* be "encrypt to
> self", not to any potential (draft) recipients.

I concur, and by the same reasoning.


- --
  Phil Stracchino, CDK#2     DoD#299792458     ICBM: 43.5607, -71.355
  alaric at caerllewys.net   alaric at metrocast.net   phil at co.ordinate.org
         Renaissance Man, Unix ronin, Perl hacker, Free Stater
                 It's not the years, it's the mileage.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEAREIAAYFAkrDvRQACgkQ0DfOju+hMkmCnwCfaxNFpiE2ezh7H4x+71vXd+ka
e+4AoLAWKmiEVUt8SDUGGSFSl9Ypm8dS
=0eYF
-----END PGP SIGNATURE-----

From alaric at metrocast.net  Wed Sep 30 13:25:07 2009
From: alaric at metrocast.net (Phil Stracchino)
Date: Wed, 30 Sep 2009 16:25:07 -0400
Subject: [Enigmail] enigmail should never sign drafts
In-Reply-To: <4AC3A250.1010803@sixdemonbag.org>
References: <4AC15651.8040006@fifthhorseman.net>	<0McPxo-1MbN2f4ALY-00HifE@mrelayeu.kundenserver.de>	<4AC37659.6060701@mozilla-enigmail.org>	<4AC38477.7080808@fifthhorseman.net>
	<4AC3A250.1010803@sixdemonbag.org>
Message-ID: <4AC3BEA3.9040703@metrocast.net>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Robert J. Hansen wrote:
> Daniel Kahn Gillmor wrote:
>> I can't see why anyone would want to sign their drafts, for that matter.
> 
> Whenever anyone says "I can't see why anyone would want to X," it's
> usually a good sign they haven't thought about it very much.
> 
> For instance, if I was a lawyer I would want every single electronic
> document I prepared -- draft or not -- to be digitally signed.

Funny, I was thinking a lawyer would be almost the definitive example of
someone who would NOT want incomplete drafts, that might differ in
important material details from the final message, to be signed.


- --
  Phil Stracchino, CDK#2     DoD#299792458     ICBM: 43.5607, -71.355
  alaric at caerllewys.net   alaric at metrocast.net   phil at co.ordinate.org
         Renaissance Man, Unix ronin, Perl hacker, Free Stater
                 It's not the years, it's the mileage.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEAREIAAYFAkrDvqIACgkQ0DfOju+hMkkILwCeP4UYxj+xTxIIWtsSzlcAqRoE
2aUAn2IXm1bMkF2kTSptNfAuu3L5V3Co
=8WD5
-----END PGP SIGNATURE-----

From rjh at sixdemonbag.org  Wed Sep 30 14:02:09 2009
From: rjh at sixdemonbag.org (Robert J. Hansen)
Date: Wed, 30 Sep 2009 17:02:09 -0400
Subject: [Enigmail] enigmail should never sign drafts
In-Reply-To: <4AC3A99A.8060104@fifthhorseman.net>
References: <4AC15651.8040006@fifthhorseman.net>	<0McPxo-1MbN2f4ALY-00HifE@mrelayeu.kundenserver.de>	<4AC37659.6060701@mozilla-enigmail.org>	<4AC38477.7080808@fifthhorseman.net>	<4AC3A250.1010803@sixdemonbag.org>
	<4AC3A99A.8060104@fifthhorseman.net>
Message-ID: <4AC3C751.9010607@sixdemonbag.org>

Daniel Kahn Gillmor wrote:
> It looks like you've conflated legal drafts with e-mail drafts, so i'm
> not sure we're talking about the same same issue.

An email from your attorney is a legal document.  It may not be a
contract or a pleading, but lawyers are required to adhere to certain
professional standards in their communications.

> If you sign all your e-mail drafts, what does your digital signature mean?

[shrug]  Who cares?  The question isn't what your digital signature
"means".  The question is whether your profession or workplace has a
rule which says there must be document integrity measures in place
throughout the life of the document.

If there is such a rule, and if emails are considered "documents" under
that rule, then congratulations, you've answered your own question.
What it means is, you're upholding your professional standards, your
corporation's policy, etc., etc.

> If i offer a signed e-mail from you as evidence of something that you
> promised (for example), will you turn around and say "i never sent that,
> it is meaningless because it was just a draft, and i sign all my drafts"?
> 
> If so, i'd suggest that your digital signature just lost some utility on
> e-mail: what's to stop you from using that same defense around an e-mail
> that i legitimately received?

What's to keep you from stealing a draft of a handwritten letter off my
desk, and using that as evidence that I promised to do X?

The courts have ways to resolve these issues.  If you say "you delivered
it to me and it's signed, therefore it represents a binding contract,"
I'm allowed to say, "I want your email server and I want to give the
entire system over to a computer forensicist in order to prove that no
document was received."

You're inventing a problem where no problem exists.  The same techniques
that work for repudiating a normal document also work for repudiating a
digitally signed document.

> If you could point me toward such a best-practices document, i'd be
> interested in reading it.  The way you've described it, it sounds to me
> that they've significantly diluted the meaning associated with the
> signatures of those who follow their guidelines.

Again, who cares?  The question isn't whether they've done something
stupid.  (If they have, do you really think they'd listen to you?  They
sure didn't listen to me.)  The question is whether they can enforce the
rules they have in place -- and that answer is very usually _yes_.

For the record, I was the lead sysadmin for a law firm of about 200
people during 2002-2003.  Yes, we did have document integrity policies
in place.  These policies existed because we wanted to be able to give
our customers assurances that documents had end-to-end protection from
unauthorized changes.

Our customers demanded we have end-to-end protection.  I'm unable to
tell you why, or to even speculate: if I did I would be violating client
privilege.  Don't ask.

From rjh at sixdemonbag.org  Wed Sep 30 14:07:11 2009
From: rjh at sixdemonbag.org (Robert J. Hansen)
Date: Wed, 30 Sep 2009 17:07:11 -0400
Subject: [Enigmail] enigmail should never sign drafts
In-Reply-To: <4AC3BEA3.9040703@metrocast.net>
References: <4AC15651.8040006@fifthhorseman.net>	<0McPxo-1MbN2f4ALY-00HifE@mrelayeu.kundenserver.de>	<4AC37659.6060701@mozilla-enigmail.org>	<4AC38477.7080808@fifthhorseman.net>	<4AC3A250.1010803@sixdemonbag.org>
	<4AC3BEA3.9040703@metrocast.net>
Message-ID: <4AC3C87F.9010105@sixdemonbag.org>

Phil Stracchino wrote:
> Funny, I was thinking a lawyer would be almost the definitive example of
> someone who would NOT want incomplete drafts, that might differ in
> important material details from the final message, to be signed.

Depends on what the client wants and why.  Some clients have very
demanding needs with respect to document integrity.

One simple way to deal with this is to have a public key which belongs
to, "Smith & Smith PLC (INTERNAL DRAFTS)", and use that to sign
non-finalized documents.  When the document goes out the door, have your
document release guy sign the document with "Smith & Smith PLC (RELEASE)".

Presto, best of both worlds: you get document integrity without any
concern that someone will be able to present it as a finished document.

From alaric at metrocast.net  Wed Sep 30 14:55:13 2009
From: alaric at metrocast.net (Phil Stracchino)
Date: Wed, 30 Sep 2009 17:55:13 -0400
Subject: [Enigmail] enigmail should never sign drafts
In-Reply-To: <4AC3C87F.9010105@sixdemonbag.org>
References: <4AC15651.8040006@fifthhorseman.net>	<0McPxo-1MbN2f4ALY-00HifE@mrelayeu.kundenserver.de>	<4AC37659.6060701@mozilla-enigmail.org>	<4AC38477.7080808@fifthhorseman.net>	<4AC3A250.1010803@sixdemonbag.org>	<4AC3BEA3.9040703@metrocast.net>
	<4AC3C87F.9010105@sixdemonbag.org>
Message-ID: <4AC3D3C1.2040104@metrocast.net>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Robert J. Hansen wrote:
> Phil Stracchino wrote:
>> Funny, I was thinking a lawyer would be almost the definitive example of
>> someone who would NOT want incomplete drafts, that might differ in
>> important material details from the final message, to be signed.
> 
> Depends on what the client wants and why.  Some clients have very
> demanding needs with respect to document integrity.
> 
> One simple way to deal with this is to have a public key which belongs
> to, "Smith & Smith PLC (INTERNAL DRAFTS)", and use that to sign
> non-finalized documents.  When the document goes out the door, have your
> document release guy sign the document with "Smith & Smith PLC (RELEASE)".
> 
> Presto, best of both worlds: you get document integrity without any
> concern that someone will be able to present it as a finished document.

Indeed, that works.

- --
  Phil Stracchino, CDK#2     DoD#299792458     ICBM: 43.5607, -71.355
  alaric at caerllewys.net   alaric at metrocast.net   phil at co.ordinate.org
         Renaissance Man, Unix ronin, Perl hacker, Free Stater
                 It's not the years, it's the mileage.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEAREIAAYFAkrD08EACgkQ0DfOju+hMknGhACdF43z93IZ/PQXPC1BKgeq5+bT
EoQAoIHx0zKSVNCc7goE9e9vYkqVfxYs
=vHWS
-----END PGP SIGNATURE-----

From dkg at fifthhorseman.net  Wed Sep 30 15:21:50 2009
From: dkg at fifthhorseman.net (Daniel Kahn Gillmor)
Date: Wed, 30 Sep 2009 18:21:50 -0400
Subject: [Enigmail] enigmail should never sign drafts
In-Reply-To: <4AC3C751.9010607@sixdemonbag.org>
References: <4AC15651.8040006@fifthhorseman.net>	<0McPxo-1MbN2f4ALY-00HifE@mrelayeu.kundenserver.de>	<4AC37659.6060701@mozilla-enigmail.org>	<4AC38477.7080808@fifthhorseman.net>	<4AC3A250.1010803@sixdemonbag.org>	<4AC3A99A.8060104@fifthhorseman.net>
	<4AC3C751.9010607@sixdemonbag.org>
Message-ID: <4AC3D9FE.80909@fifthhorseman.net>

We seem to be arguing past each other, Robert.  I'd like to understand
what you're saying, but i'm having difficulty.  I don't actually believe
that you think a digital signature should be considered meaningless, for
example, but some of your remarks seem to imply that you do.

Are you suggesting that you think there are good use cases where it
actually makes sense to sign e-mail drafts?  If so, what are those use
cases?

Or are you suggesting that some misguided policies are in place in some
workplaces, and in order for enigmail to be a tool that can fulfill
those policies, it needs an option to sign drafts?  I'm personally not
in favor of putting in wacky features to satisfy wacky requirements.
I've seen too many wacky workplace requirements, and i'm often glad to
respond to them with "this tool won't work that way, and for good reason".

I do understand the need for tracking document integrity, but i don't
think that signed e-mail drafts are a solution for this requirement
unless that feature is coupled with a feature like "verify draft
integrity before resuming edit" (or something similar).  But i don't
think Enigmail supports anything of the kind.  Or does it?

Are you saying you think that enigmail should be configurable to support
signing drafts?  If so, i disagree.  I really like the work that's been
done to reduce excessive options in the enigmail interface; it's the
closest thing to a human-usable OpenPGP interface i've seen.  I'd prefer
to keep unreasonable configuration options ("footguns") to a minimum if
possible to make the tool less confusing to ordinary folks.

Regards,

	--dkg

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 891 bytes
Desc: OpenPGP digital signature
URL: <http://www.mozdev.org/pipermail/enigmail/attachments/20090930/273b5a9f/attachment.bin>

From rjh at sixdemonbag.org  Wed Sep 30 16:12:25 2009
From: rjh at sixdemonbag.org (Robert J. Hansen)
Date: Wed, 30 Sep 2009 19:12:25 -0400
Subject: [Enigmail] enigmail should never sign drafts
In-Reply-To: <4AC3D9FE.80909@fifthhorseman.net>
References: <4AC15651.8040006@fifthhorseman.net>	<0McPxo-1MbN2f4ALY-00HifE@mrelayeu.kundenserver.de>	<4AC37659.6060701@mozilla-enigmail.org>	<4AC38477.7080808@fifthhorseman.net>	<4AC3A250.1010803@sixdemonbag.org>	<4AC3A99A.8060104@fifthhorseman.net>	<4AC3C751.9010607@sixdemonbag.org>
	<4AC3D9FE.80909@fifthhorseman.net>
Message-ID: <4AC3E5D9.3030908@sixdemonbag.org>

Daniel Kahn Gillmor wrote:
> I don't actually believe that you think a digital signature should be
>  considered meaningless, for example, but some of your remarks seem 
> to imply that you do.

A digital signature is, by itself, meaningless.  The set of
prerequisites which must be met for a signature to be meaningful is
fairly long.  If I give you a random sequence of numbers that's signed
with a key that has no user ID, belonging to someone you don't know,
does that random sequence suddenly have meaning just because it's signed?

No.  Of course not.  A digital signature is, by itself, meaningless.  It
cannot give meaning to what is devoid of meaning.

Signatures acquire meaning as the result of a process of reasoning we
apply to the document.  Is the signature correct?  Is the key validated?
 Has the owner been vetted?  Is there evidence the key has been tampered
with?  Etc., etc., etc.

Once you sit down and actually look at the long chain of conditions that
have to be met for a signature to be meaningful, you quickly stop
thinking of digital signatures as a panacea or a general-purpose
solution.  Digital signatures are a good tool to have around, but they
are not as useful as their proponents make them out to be.

> Are you suggesting that you think there are good use cases where it 
> actually makes sense to sign e-mail drafts?  If so, what are those 
> use cases?

I've already given those cases.  There exist professions and business
endeavors which are under obligations -- contractual, legal, moral,
whatever -- to make sure all their documents have end to end integrity
checking.  From the very first time it's saved to disk to the time it's
released into the world, every change to the document must be logged,
and all interim versions must have someone sign off on them as saying,
"I personally approved the changes between the last version and this one."

And if that's the rule you're living under, then it is very possible,
even likely, that it applies to email drafts as well.

> Or are you suggesting that some misguided policies are in place in 
> some workplaces, and in order for enigmail to be a tool that can 
> fulfill those policies, it needs an option to sign drafts?

No.  My "misguided policies" response was when I was assuming,
/arguendo/, that you were correct and those policies are misguided.  It
doesn't matter if the policy is misguided.  The policies still exist,
and that means the use case still exists.

> I do understand the need for tracking document integrity, but i don't
> think that signed e-mail drafts are a solution for this requirement
> unless that feature is coupled with a feature like "verify draft 
> integrity before resuming edit" (or something similar).  But i don't
> think Enigmail supports anything of the kind.  Or does it?

I haven't been talking about whether Enigmail should support this or
shouldn't support this.  Look back at what I've written: the word
"Enigmail" never appears in any of my messages on this threat.

You said you didn't think any such use case could exist.  Those use
cases do exist.  They are a little exotic, but if you're in an industry
which needs end to end document integrity then you need end to end
document integrity, full stop.


From dkg at fifthhorseman.net  Wed Sep 30 18:23:44 2009
From: dkg at fifthhorseman.net (Daniel Kahn Gillmor)
Date: Wed, 30 Sep 2009 21:23:44 -0400
Subject: [Enigmail] enigmail should never sign drafts
In-Reply-To: <4AC3E5D9.3030908@sixdemonbag.org>
References: <4AC15651.8040006@fifthhorseman.net>	<0McPxo-1MbN2f4ALY-00HifE@mrelayeu.kundenserver.de>	<4AC37659.6060701@mozilla-enigmail.org>	<4AC38477.7080808@fifthhorseman.net>	<4AC3A250.1010803@sixdemonbag.org>	<4AC3A99A.8060104@fifthhorseman.net>	<4AC3C751.9010607@sixdemonbag.org>	<4AC3D9FE.80909@fifthhorseman.net>
	<4AC3E5D9.3030908@sixdemonbag.org>
Message-ID: <4AC404A0.6080401@fifthhorseman.net>

On 09/30/2009 07:12 PM, Robert J. Hansen wrote:
> I haven't been talking about whether Enigmail should support this or
> shouldn't support this.  Look back at what I've written: the word
> "Enigmail" never appears in any of my messages on this threat.

Had i known this back-and-forth had nothing to do with enigmail, i would
have stopped responding on-list a few messages ago.  Apologies to all on
the list for the off-topic digression.

	--dkg

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 891 bytes
Desc: OpenPGP digital signature
URL: <http://www.mozdev.org/pipermail/enigmail/attachments/20090930/ecdf99e8/attachment.bin>

From olav at mozilla-enigmail.org  Wed Sep 30 23:07:06 2009
From: olav at mozilla-enigmail.org (Olav Seyfarth)
Date: Thu, 01 Oct 2009 08:07:06 +0200
Subject: [Enigmail] enigmail should never sign drafts
In-Reply-To: <4AC404A0.6080401@fifthhorseman.net>
References: <4AC15651.8040006@fifthhorseman.net>	<0McPxo-1MbN2f4ALY-00HifE@mrelayeu.kundenserver.de>	<4AC37659.6060701@mozilla-enigmail.org>	<4AC38477.7080808@fifthhorseman.net>	<4AC3A250.1010803@sixdemonbag.org>	<4AC3A99A.8060104@fifthhorseman.net>	<4AC3C751.9010607@sixdemonbag.org>	<4AC3D9FE.80909@fifthhorseman.net>	<4AC3E5D9.3030908@sixdemonbag.org>
	<4AC404A0.6080401@fifthhorseman.net>
Message-ID: <4AC4470A.8080203@mozilla-enigmail.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Hi Daniel,

> Had i known this back-and-forth had nothing to do with enigmail, i would
> have stopped responding on-list a few messages ago.  Apologies to all on
> the list for the off-topic digression.

Never mind, I liked to sit back, relax and see both of you arguing.
But yes, Robert could have flagged it OT ;-)

And it wasn't too off-topic and since this is a discussion list, not just
for announcements.

Apart from that I think that at least the part "using a product (or issuing
a signature) by itself doesn't make anything safe" must be pointed out from
time to time.

Olav
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.12 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEAREIAAYFAkrERwgACgkQL/NBt8fdKe0c2gCeNPcgbplHzoZ+mEnGHg28FOkf
TGEAnRAOLEGU4xjoZ9xFQYjQKJ7Nrfjr
=0mVn
-----END PGP SIGNATURE-----