I can empathize with the frustration of dealing with PGP/MIME messages
in a mail client that doesn’t understand them; that frustration drove
me to switch mail clients a couple months ago.
This alone makes signing worthwhile. A common demonstration of how poor
a client is which helps people to switch to something less lame is a
Good Thing
(For the statistics gatherers, I’m now using Evolution
http://www.ximian.com/products/evolution/, which sends signed or
encrypted messages using PGP/MIME.)
Statistics gatherers would use User-Agent/X-Mailer
<Resists temptation to write a graphing tool showing the activity of
UA’s using rrdtool over his 1.2GB of mail>
I was going to do this for my SPAM, actually… hum, don’t suppose
anyone’s written a nice Rubyish API to rrdtool?
However, I believe the response to that frustration (if any) should be
directed to the email client vendors/authors. The RFCs relating to
this are 6 and 7 years old.
[…]
in my opinion, the individual is doing something reasonable, and
the vendor is not. Getting the vendor to change (or changing mail
clients) is also more reliable.
I agree; we shouldn’t be making concessions for UA’s which fail to
implement MIME correctly after squillions of revisions and almost a
decade of available development time.
I’ll try to refrain from doing so on this list, but I’ll probably
forget sometimes.
Mutt users can use a folder-hook, ala:
folder-hook . crypt_autosign=yes
folder-hook lists/ruby-talk crypt_autosign=no
And of course you can set anything you like with this; so if you run a
patch to use inline PGP signing, you can enable that for ruby-talk too.
Of course, instead of everyone else reconfiguring their mailers, maybe
all those Outlook* users could write a small filtering POP3 proxy and
convert PGP/MIME to inline, or change the Content-Type of
multipart/signed messages to something else Outlook can cope with
properly.
Such a proxy could also escape 'begin ’ with '>begin ’ or so too, to
escape people triggering Outlook’s dodgy attachment handling, not to
mention filter out stuff which might be exploitable…
Who knows; maybe the vendor is already considering it, and a cordial
suggestion might sway them to raise the priority.
Yup. Maybe forwarding every signed message that fails to display to
their support team with a “Outlook* does not display this properly” will
encourage them
I’ll endeavor to abide by whatever the community decides, but I’d
prefer to see the list policy be silent regarding PGP/GPG signatures.
That is, “Sign your messages or don’t, we don’t really care as long as
you’re ‘talking’ about Ruby.”
Agreed. It’s not that hard to open an attachment on 1 out of 100
messages (probably only a fraction of which you’ll necessarily be
interested in anyway, unless you read the body of every message);
Outlook users can concider it their pennence for inflicting broken
threading, truely broken MIME, incorrect charsets, TOFU posting and HTML
email on the rest of us
···
If I could drop dead right now, I’d be the happiest man alive!
– Samuel Goldwyn