info-gnus-english
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: GPG: Are attachments or headers also encrypted on C-c C-m C-c?

From: Kevin Brubeck Unhammer
Subject: Re: GPG: Are attachments or headers also encrypted on C-c C-m C-c?
Date: Wed, 17 Oct 2012 13:06:51 +0200
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/24.2 (gnu/linux) 
Marius Hofert <marius.hofert@math.ethz.ch> writes:

>> > Hi,
>> 
>> >
>> 
>> > Is a message encrypted with GnuPG (PGP/MIME) via C-c C-m C-c (or
>> 
>> > signed and encrypted with C-c C-m
>> 
>> > C-e) fully encrypted in the sense that attachments are also encrypted? 
>> 
>> >
>> 
>> > I would have guessed that only the main part/body of the email (without 
>> > subject
>> 
>> > headers or attachments) are encrypted, but I couldn't find sufficient
>> 
>> > information on this.
>> 
>> 
>> 
>> I just tested by doing `C-c C-m C-c' and then `C-c C-m f', sending to a
>> 
>> webmail. 
>
> Hi Kevin,
>
> Many thanks for your quick reply. 
>
> What exactly did you send? 
>
> I assume your sent message was encrypted and appeared as the encrypted
> attachment 2 on the webmail. But what did you send such that it
> appeared (unencrypted) as attachment 1? Was it a .txt attachment
> containing "Version: 1"? If so, it wasn't encrypted ...

The first attachment, named Attachment1, and containing the text
"Version 1", must be something Gnus or message-mode creates (presumably
to note which OpenPGP version is used?). It seems that every time I
encrypt an email, what really happens is that Gnus sends an email with
two attachments, Attachment1 just containing "Version 1", and
Attachment2 being a PGP encrypted file containing the email body +
anything I attached.

So the attachment that _I_ attached with `C-c C-m f' was part of the
file Attachment2, of which everything was encrypted. 

But don't take my word for it, just try it yourself, e.g. with some
webmail system. If you want to send to your throwaway webmail at
foo@bar.com, and you don't have an encryption key, you can do (setq
mm-encrypt-option 'guided) first, then when you `C-c C-c', you'll be
given the option to encrypt using your own public key.

> I was wondering if, for example, a standard .pdf document attached
> will appear at the recipient encrypted as .pdf.gpg? If so, this would
> not require oneself to encrypt it manually (although I agree that this
> is safer)
>
> Cheers,
>
> Marius

If you attach a pdf, it'll be embedded in the file Attachment2. Note
that when you open that email in _Gnus_, not some dumb webmail, Gnus
automatically figures out that Attachment1 and Attachment2 represent an
encrypted email, and shows it like


[[PGP Encrypted Part:OK]]
[1. application/octet-stream; somefile.pdf]...

Hi Alice,
See attached pdf file.
-- 
Bob
[[End of PGP Encrypted Part]]


That is, at least it will if you've got

#+begin_src emacs-lisp
(setq mm-verify-option 'always
      mm-decrypt-option 'always
      gnus-buttonized-mime-types '("multipart/encrypted"
                                   "multipart/signed"))
#+end_src

in your ~/.gnus.

I assume K9 and Thunderbird with Enigmail use the same conventions,
though I haven't tried.


-- 
Kevin Brubeck Unhammer

GPG: 0x766AC60C
reply via email to
[Prev in Thread] Current Thread [Next in Thread]