Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <87a4yyrev4.fsf@jacob.g10code.de>
Date: Wed, 31 Dec 2025 13:54:23 +0100
From: Werner Koch <wk@...pg.org>
To: Demi Marie Obenour <demiobenour@...il.com>
Cc: oss-security@...ts.openwall.com,  Jacob Bachmeyer <jcb62281@...il.com>,
  Solar Designer <solar@...nwall.com>,  contact@....fail
Subject: Re: safe use of cleartext signatures?

On Tue, 30 Dec 2025 15:06, Demi Marie Obenour said:
> On 12/30/25 03:47, Werner Koch wrote:
>> data (with --output FILE).  Actually we have the same problem with MIME
>> when forwarding a mail.  Not all MUAs correctly mark which parts are
>> signed by which signature.
>
> What about for detached signatures?

PGP/MIME and S/MIME use detached signature.  There is one MIME object
for the signed text and one MIME object with the signature.


Salam-Shalom,

   Werner

-- 
The pioneers of a warless world are the youth that
refuse military service.             - A. Einstein

Download attachment "openpgp-digital-signature.asc" of type "application/pgp-signature" (285 bytes)

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.