[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: GPG: Are attachments or headers also encrypted on C-c C-m C-c?
From: |
Kevin Brubeck Unhammer |
Subject: |
Re: GPG: Are attachments or headers also encrypted on C-c C-m C-c? |
Date: |
Wed, 17 Oct 2012 13:06:51 +0200 |
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/24.2 (gnu/linux) |
Marius Hofert <marius.hofert@math.ethz.ch> writes:
>> > Hi,
>>
>> >
>>
>> > Is a message encrypted with GnuPG (PGP/MIME) via C-c C-m C-c (or
>>
>> > signed and encrypted with C-c C-m
>>
>> > C-e) fully encrypted in the sense that attachments are also encrypted?
>>
>> >
>>
>> > I would have guessed that only the main part/body of the email (without
>> > subject
>>
>> > headers or attachments) are encrypted, but I couldn't find sufficient
>>
>> > information on this.
>>
>>
>>
>> I just tested by doing `C-c C-m C-c' and then `C-c C-m f', sending to a
>>
>> webmail.
>
> Hi Kevin,
>
> Many thanks for your quick reply.
>
> What exactly did you send?
>
> I assume your sent message was encrypted and appeared as the encrypted
> attachment 2 on the webmail. But what did you send such that it
> appeared (unencrypted) as attachment 1? Was it a .txt attachment
> containing "Version: 1"? If so, it wasn't encrypted ...
The first attachment, named Attachment1, and containing the text
"Version 1", must be something Gnus or message-mode creates (presumably
to note which OpenPGP version is used?). It seems that every time I
encrypt an email, what really happens is that Gnus sends an email with
two attachments, Attachment1 just containing "Version 1", and
Attachment2 being a PGP encrypted file containing the email body +
anything I attached.
So the attachment that _I_ attached with `C-c C-m f' was part of the
file Attachment2, of which everything was encrypted.
But don't take my word for it, just try it yourself, e.g. with some
webmail system. If you want to send to your throwaway webmail at
foo@bar.com, and you don't have an encryption key, you can do (setq
mm-encrypt-option 'guided) first, then when you `C-c C-c', you'll be
given the option to encrypt using your own public key.
> I was wondering if, for example, a standard .pdf document attached
> will appear at the recipient encrypted as .pdf.gpg? If so, this would
> not require oneself to encrypt it manually (although I agree that this
> is safer)
>
> Cheers,
>
> Marius
If you attach a pdf, it'll be embedded in the file Attachment2. Note
that when you open that email in _Gnus_, not some dumb webmail, Gnus
automatically figures out that Attachment1 and Attachment2 represent an
encrypted email, and shows it like
[[PGP Encrypted Part:OK]]
[1. application/octet-stream; somefile.pdf]...
Hi Alice,
See attached pdf file.
--
Bob
[[End of PGP Encrypted Part]]
That is, at least it will if you've got
#+begin_src emacs-lisp
(setq mm-verify-option 'always
mm-decrypt-option 'always
gnus-buttonized-mime-types '("multipart/encrypted"
"multipart/signed"))
#+end_src
in your ~/.gnus.
I assume K9 and Thunderbird with Enigmail use the same conventions,
though I haven't tried.
--
Kevin Brubeck Unhammer
GPG: 0x766AC60C