[Enigmail] Survey: Inline-PGP or PGP/MIME
ludwig at enigmail.net
Tue Mar 17 21:22:38 CET 2015
-----BEGIN PGP SIGNED MESSAGE-----
On 17.03.15 20:00, Anne Wilson wrote:
> +1. Perhaps Patrick could point us to a beginners' guide detailing
> the differences?
Inline-PGP: The traditional method. It dates back to the 90s. The
ciphertext replaces the plain text of a mail. Attachments were not
part of the plan, and had to be signed/encrypted manually and then
attached. Later, good mail clients learnt to deal with them and could
sign/encrypt them independently and put the mail together
automatically. Signed mail can be read using mail clients not aware of
the OpenPGP content. Signed (not encrypted) HTML content is
problematic, signature failures happen frequently.
PGP/MIME: Standardized way (RFC 3156) to deal with signed/encrypted
OpenPGP content regardless of the presence of attachments. Puts the
signed/encrypted content in an attachment. The signature covers text
and attachments. The mail body itself is empty or has a simple
explanatory sentence. Only PGP/MIME-capable mail clients can display
signed mail. Most modern mail clients support this standard, however,
the most important that does not is Microsoft Outlook. HTML content is
Neither of the standards can encrypt mail headers including the subject.
Hope I didn't forget anything...
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
-----END PGP SIGNATURE-----
More information about the enigmail-users