[Novalug] Selinux: to disable or not

Peter Larsen plarsen at famlarsen.homelinux.com
Sat Mar 17 14:09:45 EDT 2012 

On Fri, Mar 16, 2012 at 09:28:27AM -0400, John Holland wrote:
> 
> Peter -
> Your messages have an attachment that is a GPG signature.  I'm using
> Thunderbird and Enigmail to create and process messages that have the
> GPG stuff in the text of the message.

Depends on the client I use which depends on where I am. For slow connections when I'm on the road 
or just not feeling like booting up my home system, I use mutt on a small box with a minimal install - no keys etc. and I only use it mostly to read mail, or do a few mailman replies (like this one).

For the rest, I use Evolution. 

> How do you create the sig as a separate file?

Added the gpg plugin to Evolutoin and it's using my gpg setup. In other words, it's not a specific mail setup at all - it works off my existing private key. 

As to "separate file", remember emails isn't really condusive to attachments etc. - what was done to give the illusion of attachments is mime-encoded sections. The MUA then decides how to visualize the different sections. Depending on what the MUA knows, some are shown inline, some are presented as files that the MUA creates temporarily to call up an OS (external to the MUA) based software that can read/understand the format. The MUA knows that from the mime setup on the box.

So in other words, if the MUA don't know what it's getting it gives up and lets the OS handle it. In other words, in Evolution I don't see the signatures as attachments at all - just as "status" that what I'm reading is signed and whether I trust that signature or not. I wish it had better tools to import public keys but I've survived with Evolution without that feature for quite a while.

Some people add a fingerprint instead of a signature to their mail. I've not come across a MUA that will use that, but then again I haven't tried them all. In other words, you could simply add your ascii finger-print to your "human signature" section instead of the mime-encoded key, and you most likely wouldn't have MUAs getting confused.

I know when a lot of my recepients where Outlook users, they frequently complained or asked about my signature because Outlook totally screwed them up on the mime. Unless you used MS's way of signage they ignored or made things worse.

> 
> Do you perchance know of a way to get Enigmail to read your attachment
> and use it to verify the message?

I don't remember. It's been a very long time since I tried. In essense all it needs to recognize is it's gpg.  What the evolution plugin does is to use the gpg execuatables so the functionality isn't really inside the plugin. And you use always import a public key using gpg2:

gpg2 --recv-keys

--
  Peter Larsen

More information about the Novalug mailing list