[Enigmail] Survey: Inline-PGP or PGP/MIME

Ludwig Hügelschäfer ludwig at enigmail.net
Tue Mar 17 21:22:38 CET 2015


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

On 17.03.15 20:00, Anne Wilson wrote:

> +1.  Perhaps Patrick could point us to a beginners' guide detailing
> the differences?

Inline-PGP: The traditional method. It dates back to the 90s. The
ciphertext replaces the plain text of a mail. Attachments were not
part of the plan, and had to be signed/encrypted manually and then
attached. Later, good mail clients learnt to deal with them and could
sign/encrypt them independently and put the mail together
automatically. Signed mail can be read using mail clients not aware of
the OpenPGP content. Signed (not encrypted) HTML content is
problematic, signature failures happen frequently.

PGP/MIME: Standardized way (RFC 3156) to deal with signed/encrypted
OpenPGP content regardless of the presence of attachments. Puts the
signed/encrypted content in an attachment. The signature covers text
and attachments. The mail body itself is empty or has a simple
explanatory sentence. Only PGP/MIME-capable mail clients can display
signed mail. Most modern mail clients support this standard, however,
the most important that does not is Microsoft Outlook. HTML content is
covered perfectly.

Neither of the standards can encrypt mail headers including the subject.

Hope I didn't forget anything...

HTH

Ludwig
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQIcBAEBCgAGBQJVCI0LAAoJEDrb+m0Aoeb+VJYQAJv0xf4XWqsmLj9WW9msgPoh
vZ1BtnGiNceo5Ntr21vgZ081Le8iJlkREIAWipEI45O2x1w5eH+ZzY0if5rZpBL3
xSr7h8HNMmulSMU1TUWD/TEmuj+MWJInGMt/ogWTHSu2arjNTj7zfaGx0bG7dIvy
3qLXQKe44ULmFczaGUlBXew/4ZQ2obgD0f4m5o/NDwxRPI9+Zp1q1SWz3Y2sGmfy
TC79TxYwwYxRKh7/9EmxLNktOViG2b74ZU9UgnDIyWOeWy2UzL3r3D+a4Wo5C2z1
OT1bpISKj1OnNp5SQINtyc0fn7UzLFzoomL4QvIiJ6bEdTVZVV42SrM0bG0h6coA
JVoqswDgIcywRgKU1p9HsUTTHKNhxBw1x8VMg0trQkFqKd2K817V/r1DGLhRTeqp
tcgxqqHHRaiI1osL5PmGYEc/SfEVIvsgEsz2uakSREe27DIXGkz0+W5WAA5UV+Vp
8Q1OL6cB3epJrlfApiqMN2gul1MWQjBWv1oIhV/plooecjiABRm00cdEYALts9e4
fOvwTeaAE4hpPuLGt2sLjmBkWTe4jfup5ZrgwIgiihMwT1BI6B9smChPxbgkRfjE
5JHT6yS7Bt3dlFfYsfG8hGAr/DOTZRVqkC8fB7b0fDqqcaWA9tzOBDsCV17gownL
CkwUKqUlCpuHVteqMiYX
=doUC
-----END PGP SIGNATURE-----



More information about the enigmail-users mailing list