Gentoo Archives: gentoo-user

From: Michael <confabulate@××××××××.com>
To: gentoo-user@l.g.o
Subject: Re: [gentoo-user] Open PGP signatures on Thunderbird
Date: Fri, 17 Jun 2022 08:22:52
Message-Id: 10098964.nUPlyArG6x@lenovo.localdomain
In Reply to: [gentoo-user] Open PGP signatures on Thunderbird by Julien Roy
1 On Friday, 17 June 2022 02:38:38 BST Julien Roy wrote:
2 > Hello list,
3 >
4 > I recently configured Thunderbird to digitally sign my emails using my
5 > GnuPG key. It seemed to be working fine with the tests I made to my
6 > other email address, however, I noticed an email I sent to this list was
7 > unreadable from the archive [0]. Therefore, I assume something is wrong
8 > with my setup since, from my understanding, nothing special is required
9 > from the receiver's side to read signed (and not encrypted) messages.
11 I have been able to read your emails and signature, with Kmail, but the
12 archive would use a different parser which it seems does not like the format of
13 your signed message.
16 > Does anyone else on this list use Thunderbird with OpenPGP signatures
17 > that could help me figure out why this is happening? The configuration
18 > on Thunderbird is rather straight forward some I'm not sure what I
19 > could've done wrong.
21 I don't have a signed message of yours available to examine its structure.
22 You can check your Thunderbird's OpenPGP format to determine if the 'Content-
23 Type' in the headers of the message is binary, or ASCII and if the signature
24 is attached or embedded. I'm guessing the archive may have problems with
25 binary. An attached ASCII signature works here.
28 > Do receivers have to accept/add my signature (which attaches itself to
29 > my emails by default) before they can view my messages?
31 No, the receiving mail client application should deal with signature
32 verification automatically and warn the receiver if the signature signing
33 party's key is not trusted. The receiver would not normally manually alter
34 the trust status of a sender's public key, unless the identity of the sender
35 and his corresponding key fingerprint can be verified off-line.
38 > Strangely, the Gentoo User list archive has a small button at the button
39 > "Find on MARC"; when I click this, my email is readable just fine [1].
40 > This would indicate that perhaps the Gentoo archive isn't configured to
41 > handle signatures, however I am not the only one on this list who signs
42 > their emails, and other signed emails are readable just find on the
43 > Gentoo archive.
44 >
45 > Thanks,
46 > Julien
47 >
48 >
49 > [0]
50 >
51 > de83 [1]
53 I expect different mailing list managers use different parsing code and the
54 archive discriminates against the format of the signed messages your T'bird is
55 posting.
57 If you prefer you can send me a message off list and I can check its structure
58 at the receiving end.


File name MIME type
signature.asc application/pgp-signature