On Tue, Mar 23, 2010 at 9:05 PM, mike cloaked <mike.cloaked@xxxxxxxxx> wrote: > On Tue, Mar 23, 2010 at 8:55 PM, mike cloaked <mike.cloaked@xxxxxxxxx> wrote: > >>>> does it make a difference if you are sending inline or PGP/MIME. >>> > > Maybe that last point is the important one - in Thunderbird I have the > option of sending PGP/mime - but I can't see how to do this in > Evolution? Is there a switch I am missing because I did not look deep > enough or is it that Evolution just can't do PGP/Mime?? I found a post at http://www.secure-my-email.com/clients_evolution.php which says: "One thing I encoutered here is that Evolution (at least my version, version 2.2.3) require the encrypted data to be RFC 1847 Encapsulated. It does not support the other method of both digitally signing and encrypting as defined in RFC 3156. (RFC 1847 encapsulation is described in chapter 6.1, the combined method is described in chapter 6.2 for those interested). My primary mail client, Mozilla Thunderbird, with Enigmail as an extension to handle the security use the combined method by default when sending a message using PGP/MIME. It will be able to properly verify both methods." I wonder if this is at the core of this issue? I also saw a very old post at http://www.mozdev.org/pipermail/enigmail/2003-November/000661.html "> I am having trouble receiving signed+encrypted email from a > person using Evolution, which supports only PGP/MIME. I read through RFC > 3156, and, according to section 6, there are two ways to send > signed+encrypted email. One (6.1) is to create a signature mime body > from the text, encrypt the whole, and create an encrypted mime body from > the result. This is what Evolution does. The other (6.2) is to > encrypt+sign the text in one go, which is what Enigmail does. The > problem is that Enigmail does not properly decode email sent in the > format described in 6.1. It decrypts the message and displays the text, > but does not verify the signature." This seems to point to Thunderbird as being the problem in that maybe a very old unresolved bug/feature is preventing correct signature verification? I would appreciate further input on this. -- mike c -- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
