[29639] in North American Network Operators' Group
Re: PGP kerserver infrastructure
daemon@ATHENA.MIT.EDU (Bennett Todd)
Fri Jun 30 16:26:33 2000
Date: Fri, 30 Jun 2000 16:17:43 -0400
From: Bennett Todd <bet@rahul.net>
To: Shawn McMahon <smcmahon@eiv.com>
Cc: nanog@merit.edu
Message-ID: <20000630161743.I472@oven.com>
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-md5;
protocol="application/pgp-signature"; boundary="BPjCafsbA2ap7OrL"
Content-Disposition: inline
In-Reply-To: <20000630155706.A6455@eiv.com>; from smcmahon@eiv.com on Fri, Jun 30, 2000 at 03:57:06PM -0400
Errors-To: owner-nanog-outgoing@merit.edu
--BPjCafsbA2ap7OrL
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
2000-06-30-15:57:06 Shawn McMahon:
> 2000-06-30-15:40:46 L. Sassaman:
> > Ever heard of PGP/MIME? Look at RFC 2015.
>=20
> To be fair, even you aren't using it. :-)
Yup.
I abandoned it briefly myself. Seems that various versions of
various MUAs under Windows go way, way out of their way to screw up
PGP/MIME, making the normal body of the message look like some kind
of unknown binary attachment, popping up warnings that it might have
a virus, etc. --- the same programs that silently just run .SHS
attachments that they present to the user as being simple text
files.
In an attempt to make life a little easier for people running that
grade of software, I experimented for a bit with turning off the
PGP/MIME stuff and having my mutt generate text/plain with
clearsigned messages in the body.
Then I got more severe complaints, people who'd been able to read my
email before no longer could, it was arriving mushed into some kind
of random binary crud. So I switched back to PGP/MIME. Seems to be
the least awful of the alternatives available today, at least for
people who are about email privacy or authentication. Of course for
people who care primarily about enriching CAs, what you want is
S/MIME:-).
-Bennett
--BPjCafsbA2ap7OrL
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.0 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iD8DBQE5XQBnL6KAps40sTYRAqy9AKCPs1OiaV1Yaj82ed9IYqvm46Bw5gCghiA9
nJlZ5IpOkeTvMFdkMsrrVxM=
=hzIn
-----END PGP SIGNATURE-----
--BPjCafsbA2ap7OrL--
