When I send an Enigmail signed multipart message and receive a copy myself, I sometimes notice that the signature in the version I receive is broken, although the one in my outbox is correct. Running diff shows me that some server on the way chose to unfold a tow-line header field of the enclosed multipart/mixed message. I believe that Mailman running a list on some other system might have been the one who did this. I'm not sure what the specs say about enclosed messages, if gateways are allowed to modify them if they understand the mime structure. In any case it would be nice if this would not happen. That would require gpg to ignore differences in whitespaces and enigmail to use this. I have no idea if the PGP standard allows such a thing. Note for people with broken signatures who stumble across this bug: Current bogofilter removes X-Bogosity headers from enclosed forwarded messages, rendering signature invalid as well. Should be fixed in next release, so just wait. Reproducible: Sometimes Steps to Reproduce: 1.Create multipart message 2.Sign using enigmail (creates multipart/signed around multipart/mixed) 3.Send to Mailman 2.1.2 list not under my control 4.Looking in outbox, I see that header field of inner message is on two lines Actual Results: Signature broken, only difference in inner parts is that header is now on one line. Expected Results: Signatuire still correct From diff: --- outbox.eml 2003-11-27 19:12:14.000000000 +0100 +++ inbox.eml 2003-11-27 19:12:24.000000000 +0100 [...] +Sender: list-bounces@host.de +Errors-To: list-bounces@host.de +X-Bogosity: No, tests=bogofilter, spamicity=0.000000, version=0.13.7.2 This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --------------enig17A005AFB86B086925CF148A -Content-Type: multipart/mixed; - boundary="------------060909010504050509010207" +Content-Type: multipart/mixed; boundary="------------060909010504050509010207" This is a multi-part message in MIME format. --------------060909010504050509010207 @@ -203,4 +242,3 @@ -----END PGP SIGNATURE----- --------------enig17A005AFB86B086925CF148A-- -
Hello Martin, Thanks for the bug report. You have a good idea (ignoring whitespace with gpg/enigmail), but unfortunately it's not something we're going to tackle at the distribution level. If you would like to take the idea upstream, head over to mozdev.org for enigmail and gnupg.org for gpg. Regards, Aron
Just for the record: The issue here seems to be caused mainly by mailman, the reason for this is a Python bug. I added the URL of the Python bug ticket. Maybe it would be better to address this issue in mailman instead of tweaking the PGP standard.