[Users] [Bug 3045] New: Claws prompts for passphrase on PGP message inside text/plain MIME part
Manfred Schmitt
claws at slashproc.org
Sun Jan 5 14:51:07 CET 2014
Michael Schwendt wrote:
>
> and with the password in there one can decrypt the small part that
> is included inline.
... if it had been encrypted to yourself ;-)
I just did a few tests with ASCII armor PGP messages encrypted to myself:
1) MIME with only one text/plain part and ASCII armor PGP anywhere in the
the body
2) Multipart MIME with an attachment and ASCII armor PGP anywhere inside
a text/plain part
3) Simple plain text without any content-type/transfer encoding at all
and ASCII armor PGP anywhere in the body send with mailx (sSMTP sendmail
emulation)
So all these messages aren't encrypted with gpg inside Claws but just
include a pasted ASCII armor PGP message anywhere in the body.
In all cases the ASCII armor PGP message decrypts successfully.
Can I assume that all these messages are legit PGP encrypted (!) mails and
all works as expected or is there something along the line of robustness
(Be conservative in what you send, be liberal in what you accept) involved?
However, I'm now assuming that my bug report is invalid, sorry for the noise.
I was just a little bit surprised that Claws prompts me for my gpg passphrase
while reading a message sent to an open mailing list.
Btw: There is a small translation error in po/de.po:
-msgstr "--- Ende der der PGP/Inline verschlüsselten Daten ---\n"
+msgstr "--- Ende der PGP/Inline verschlüsselten Daten ---\n"
Should I open another bugreport with a patch?
Bye,
Manne
More information about the Users
mailing list