From unknown Sat Jun 14 18:41:44 2025 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 X-Mailer: MIME-tools 5.509 (Entity 5.509) Content-Type: text/plain; charset=utf-8 From: bug#78448 <78448@debbugs.gnu.org> To: bug#78448 <78448@debbugs.gnu.org> Subject: Status: 30.1; mml: Produce Unobtrusive Signatures Reply-To: bug#78448 <78448@debbugs.gnu.org> Date: Sun, 15 Jun 2025 01:41:44 +0000 retitle 78448 30.1; mml: Produce Unobtrusive Signatures reassign 78448 emacs,gnus submitter 78448 Daniel Kahn Gillmor severity 78448 normal thanks From debbugs-submit-bounces@debbugs.gnu.org Thu May 15 23:56:47 2025 Received: (at submit) by debbugs.gnu.org; 16 May 2025 03:56:47 +0000 Received: from localhost ([127.0.0.1]:59833 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1uFmBi-0003vd-Ai for submit@debbugs.gnu.org; Thu, 15 May 2025 23:56:47 -0400 Received: from lists.gnu.org ([2001:470:142::17]:56928) by debbugs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.84_2) (envelope-from ) id 1uFmBf-0003uo-HU for submit@debbugs.gnu.org; Thu, 15 May 2025 23:56:44 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1uFmBZ-0008K4-ET for bug-gnu-emacs@gnu.org; Thu, 15 May 2025 23:56:37 -0400 Received: from che.mayfirst.org ([162.247.75.118]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1uFmBX-0007kI-1p for bug-gnu-emacs@gnu.org; Thu, 15 May 2025 23:56:37 -0400 DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/simple; d=fifthhorseman.net; i=@fifthhorseman.net; q=dns/txt; s=2019; t=1747367792; h=from : to : subject : date : message-id : mime-version : content-type : from; bh=IyewDc8Ju+j7UT681ShQQWqazxqwUlMDgoVPE0tJBe4=; b=GJYBoIiZqleUR3EZOVjMSoPVfw4gb276G/d5McAcjQ6zAGFvGCUL46XMNY5U/le1xN8sP zZ3XPYL6akAnxPrAw== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=fifthhorseman.net; i=@fifthhorseman.net; q=dns/txt; s=2019rsa; t=1747367792; h=from : to : subject : date : message-id : mime-version : content-type : from; bh=IyewDc8Ju+j7UT681ShQQWqazxqwUlMDgoVPE0tJBe4=; b=LoJq1f3leNGbqgIxQoOPq18xHlOlpGCZsyvlDQwGEgWX3ETn+PGy3AMEcV1tOnTefYepz 1CIJPDGkBaEq10w+YLb3dObr4HPtmeKaw7uZvsO8D7Wu6OHwY/5Kpn1VsZlI7CWHjpO1GKZ hRWZfkLQEGnHV8Nd3NPBxFqpfOu33JWBmFvXST3cNYwkjaiaKg/O1T1eHlUWYf3efCydtd+ RYhIDUM2XQkg4dSN9AdOtERXJ9oeNafsyl+FPdYHtPaMtE6drTHsOqBH6ShcK0oZuqqb4C/ uLfddXs3liJKgmU6jumoT5h7oAwocYNj054TaC1OOxGOjCaDv6IlRBpj+h9w== Received: from fifthhorseman.net (lair.fifthhorseman.net [108.58.6.98]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1)) (No client certificate requested) by che.mayfirst.org (Postfix) with ESMTPSA id A681AF9B1; Thu, 15 May 2025 23:56:32 -0400 (EDT) Received: by fifthhorseman.net (Postfix, from userid 1000) id 226BA13F6A6; Thu, 15 May 2025 23:56:26 -0400 (EDT) From: Daniel Kahn Gillmor To: bug-gnu-emacs@gnu.org, bugs@gnus.org Subject: 30.1; mml: Produce Unobtrusive Signatures Autocrypt: addr=dkg@fifthhorseman.net; prefer-encrypt=mutual; keydata= xjMEZXEJyxYJKwYBBAHaRw8BAQdA5BpbW0bpl5qCng/RiqwhQINrplDMSS5JsO/YO+5Zi7HNFzxk a2dAZmlmdGhob3JzZW1hbi5uZXQ+wsARBBMWCgB5AwsJB0cUAAAAAAAeACBzYWx0QG5vdGF0aW9u cy5zZXF1b2lhLXBncC5vcmcS78JIJ7JbALqPiKEmva7/Pp16WwXWm9hbe5+B/UvnfwMVCggCmwEC HgEWIQTUdwQMcMIValwphUm7fpEBSV5r9wUCZadfkAUJBdnwRQAKCRC7fpEBSV5r9yNXAP442N0c zvisBroQSKKpo+OWm2JpnEJWoVheeJvoRtkBGQEA+edHylby8IGcNccq7rmM2rAXdofvrU1o6qow V+mmDwbOMwRnio4OFgkrBgEEAdpHDwEBB0Cw9HzJFl9lZn3UBaUqSMSgxjcdbd0MwNVcGZ8t8wdN EcLAvwQYFgoBMQWCZ4qODgkQu36RAUlea/dHFAAAAAAAHgAgc2FsdEBub3RhdGlvbnMuc2VxdW9p YS1wZ3Aub3JnhcN+tn41cAg01Kk56zcAfpdsh8j98PDe00mqKPfFvaYCmwK+oAQZFgoAbwWCZ4qO DgkQeAuFTtnCtJZHFAAAAAAAHgAgc2FsdEBub3RhdGlvbnMuc2VxdW9pYS1wZ3Aub3JnxsD8Sk5P Wgx8c/Zseo6OlCjyDC+Ogm17gTaUUIpxjWYWIQRjrBGOWy5dZsiKhad4C4VO2cK0lgAAdcQA/1RG dmrmvVxkBY2qNPjtERNwPga8Pf4IdlenrZ03NXM4AQC+TDHMpD7d5obEvUy8GYI3oThzYItPP8vv ChY+wbaIBRYhBNR3BAxwwhVqXCmFSbt+kQFJXmv3AAAKbgD+K1MZXnRKPdmA8DgNysyGRZY8cSVH HQcC7ZAAtV3i2+wA/0CyOYrbFYbyTRALgoERR07OHFoP+fJopQLMNQARVUELzjgEZ4qN+RIKKwYB BAGXVQEFAQEHQDTGlR+Qmn334e+bPqvojJVdFsiBf0leAAHP+ESqop8NAwEIB8LAAAQYFgoAcgWC Z4qN+QkQu36RAUlea/dHFAAAAAAAHgAgc2FsdEBub3RhdGlvbnMuc2VxdW9pYS1wZ3Aub3JnA5Lw b3wOOcoodImuVNw4PYq1U65FDC1Q2JMFIcJXqF0CmwwWIQTUdwQMcMIValwphUm7fpEBSV5r9wAA 6egA/j3QANSmogZ5VTF5KlI+BBye9ud/w9j7RLcCHU6u8AA1AQC3FGaNuv+uWOSa+eeEoI/aZrGd X5el8b/m6aXDDxDjDg== X-Debbugs-Cc: Date: Thu, 15 May 2025 23:56:25 -0400 Message-ID: <87a57dciom.fsf@fifthhorseman.net> MIME-Version: 1.0 Content-Type: multipart/signed; boundary="==-=-="; micalg=pgp-sha512; protocol="application/pgp-signature" Received-SPF: pass client-ip=162.247.75.118; envelope-from=dkg@fifthhorseman.net; helo=che.mayfirst.org X-Spam_score_int: -43 X-Spam_score: -4.4 X-Spam_bar: ---- X-Spam_report: (-4.4 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-Spam-Score: 1.0 (+) X-Debbugs-Envelope-To: submit X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -0.0 (/) --==-=-= Content-Type: multipart/mixed; boundary="=-=-=" --=-=-= Content-Type: text/plain Package: emacs,gnus Version: 30.1 I'm running emacs 30.1 on debian. When sending cleartext mail, i want to be able to produce an "Unobtrusive Signature" using OpenPGP as described in https://datatracker.ietf.org/doc/draft-gallagher-email-unobtrusive-signatures/ Those kinds of signatures provide end-to-end cryptographic protection for headers (based on https://datatracker.ietf.org/doc/draft-ietf-lamps-header-protection/ ) as well as the message body, and are less likely to inflict bad UX or bad rendering on recipients using legacy MUAs compared to PGP/MIME (or inline PGP, for that matter). These three patches appear to do the trick for me. I'm not an elisp guru or a gnus expert. I'm happy to hear any feedback about how they could be improved. Regards, --dkg --=-=-= Content-Type: text/x-diff Content-Disposition: inline; filename=0001-mml-Pass-likely-headers-through-to-mml-sec-functions.patch Content-Transfer-Encoding: quoted-printable From=2081c3e7f5de0bbb24bbd2a2b43a103fb83c530f6d Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Thu, 15 May 2025 21:49:32 -0400 Subject: [PATCH 1/3] mml: Pass likely headers through to mml-sec functions By pre-computing the likely headers for an outbound message, and passing them along as a tag in mml-parse, we create an opportunity to provide Header Protection as described in https://datatracker.ietf.org/doc/draft-ietf-lamps-header-protection/ Signed-off-by: Daniel Kahn Gillmor =2D-- lisp/gnus/mml.el | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/lisp/gnus/mml.el b/lisp/gnus/mml.el index 51d8d2c3769..11a8de7c011 100644 =2D-- a/lisp/gnus/mml.el +++ b/lisp/gnus/mml.el @@ -265,6 +265,8 @@ part. This is for the internal use, you should never m= odify the value.") (apply #'mml-insert-tag secure-mode `(,@tags + ,"likely-headers" + ,(mml-get-likely-headers) ,(if keyfile "keyfile") ,keyfile ,@(apply #'append @@ -492,6 +494,21 @@ If MML is non-nil, return the buffer up till the corre= spondent mml tag." (declare-function libxml-parse-html-region "xml.c" (start end &optional base-url discard-comments)) =20 +(defun mml-get-likely-headers () + "Get likely final headers from the existing message" + (save-excursion + (save-restriction + (message-narrow-to-headers-or-head) + (let ((x (buffer-substring (point-min) (point-max)))) + (with-temp-buffer + (insert x) + (message-remove-header "Bcc") + (message-remove-header message-ignored-mail-headers t) + (mail-encode-encoded-word-buffer) + (message-cleanup-headers) + (buffer-string) + ))))) + (defun mml-generate-mime (&optional multipart-type content-type) "Generate a MIME message based on the current MML document. MULTIPART-TYPE defaults to \"mixed\", but can also =2D-=20 2.47.2 --=-=-= Content-Type: text/x-diff Content-Disposition: inline; filename=0002-mml-Enable-production-of-Unobtrusive-Signatures-via-.patch Content-Transfer-Encoding: quoted-printable From=2075f8c5c936deafea1ee44edad5e0f530ec6c4dfc Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Thu, 15 May 2025 21:54:06 -0400 Subject: [PATCH 2/3] mml: Enable production of Unobtrusive Signatures via e= pg https://datatracker.ietf.org/doc/draft-gallagher-email-invisible-signatures/ describes a mechanism to produce cleartext signatures over MIME messages that are less likely to cause problems than traditional PGP/MIME. With this patch, it's possible to produce those signatures with: (mml-secure-message "unobtrusive" 'sign) This patch only works with epg, not with mailcrypt or pgg, because epg is what i'm familiar with and what i can easily test. Signed-off-by: Daniel Kahn Gillmor =2D-- lisp/gnus/mml-sec.el | 6 ++++++ lisp/gnus/mml2015.el | 39 +++++++++++++++++++++++++++++++++++++++ 2 files changed, 45 insertions(+) diff --git a/lisp/gnus/mml-sec.el b/lisp/gnus/mml-sec.el index 8dffcf872f3..6fb82836e9a 100644 =2D-- a/lisp/gnus/mml-sec.el +++ b/lisp/gnus/mml-sec.el @@ -34,6 +34,7 @@ (autoload 'mail-strip-quoted-names "mail-utils") (autoload 'mml2015-sign "mml2015") (autoload 'mml2015-encrypt "mml2015") +(autoload 'mml-unobtrusive-sign "mml2015") (autoload 'mml1991-sign "mml1991") (autoload 'mml1991-encrypt "mml1991") (autoload 'message-fetch-field "message") @@ -56,6 +57,7 @@ '(("smime" mml-smime-sign-buffer mml-smime-sign-query) ("pgp" mml-pgp-sign-buffer list) ("pgpauto" mml-pgpauto-sign-buffer list) + ("unobtrusive" mml-unobtrusive-sign-buffer list) ("pgpmime" mml-pgpmime-sign-buffer list)) "Alist of MIME signer functions.") =20 @@ -198,6 +200,10 @@ You can also customize or set `mml-signencrypt-style-a= list' instead." (or (mml2015-sign cont) (error "Signing failed... inspect message logs for errors"))) =20 +(defun mml-unobtrusive-sign-buffer (cont) + (or (mml-unobtrusive-sign cont) + (error "Signing failed... inspect message logs for errors"))) + (defun mml-pgpmime-encrypt-buffer (cont &optional sign) (or (mml2015-encrypt cont sign) (error "Encryption failed... inspect message logs for errors"))) diff --git a/lisp/gnus/mml2015.el b/lisp/gnus/mml2015.el index a46aa68f56a..646fb018a31 100644 =2D-- a/lisp/gnus/mml2015.el +++ b/lisp/gnus/mml2015.el @@ -25,6 +25,9 @@ ;; RFC 2015 is updated by RFC 3156, this file should be compatible ;; with both. =20 +;; This is also capable of producing unobtrusive signatures based on +;; draft-gallagher-email-unobtrusive-signatures + ;;; Code: =20 (eval-when-compile (require 'cl-lib)) @@ -945,6 +948,42 @@ If set, it overrides the setting of `mml2015-sign-with= -sender'." (insert (format "--%s--\n" boundary)) (goto-char (point-max)))) =20 +;;; Unobtrusive Signatures, see: +;;; https://datatracker.ietf.org/doc/draft-gallagher-email-unobtrusive-sig= natures/ + +; convert ASCII-armored PGP SIGNATURE block to base64-encoded with FWS +; at the start of each line: +(defun pgpsig-armor-to-wrapped-b64 (s) + (string-join + (string-split + (string-trim-right + (string-trim-left s "-----BEGIN PGP SIGNATURE-----\n\\(?:[^\n]+\n\\)*= \n") + "\n\\(?:=3D....\n\\)?-----END PGP SIGNATURE-----\n?") + "\n") + "\n ")) + +(defun mml-unobtrusive-sign (cont) + (goto-char (point-min)) + (insert (cdr (assq 'likely-headers cont))) + (re-search-forward "^Content-Type: [^\n]*\\(\n[ \t][^\n]*$\\)*") + (insert "; hp=3D\"clear\"") + (re-search-forward "^") + (let* ((pair (mml-secure-epg-sign 'OpenPGP t)) + (signature (car pair))) + (unless (stringp signature) + (error "Signature failed")) + (goto-char (point-min)) + (insert (format "Sig: t=3Dp; b=3D%s\n" + (pgpsig-armor-to-wrapped-b64 signature))) + (let ((boundary (mml-compute-boundary cont))) + (goto-char (point-min)) + (insert (format "Content-Type: multipart/mixed; boundary=3D\"%s\";\n" + boundary)) + (insert (format "\n--%s\n" boundary)) + (goto-char (point-max)) + (insert (format "\n--%s--\n" boundary)) + (goto-char (point-max))))) + ;;; General wrapper =20 (autoload 'gnus-buffer-live-p "gnus-util") =2D-=20 2.47.2 --=-=-= Content-Type: text/x-diff Content-Disposition: inline; filename=0003-mml-Add-C-c-RET-s-u-to-make-Unobtrusive-Signature.patch Content-Transfer-Encoding: quoted-printable From=20f03c16ddedaa0b7a39692629ab61e7c3b3e06201 Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Thu, 15 May 2025 22:03:25 -0400 Subject: [PATCH 3/3] mml: Add C-c RET s u to make Unobtrusive Signature This adds to the default keymap to make it relatively easy to make an Unobtrusive Signature when sending mail. Signed-off-by: Daniel Kahn Gillmor =2D-- lisp/gnus/mml-sec.el | 5 +++++ lisp/gnus/mml.el | 6 ++++-- 2 files changed, 9 insertions(+), 2 deletions(-) diff --git a/lisp/gnus/mml-sec.el b/lisp/gnus/mml-sec.el index 6fb82836e9a..9b703abd5f4 100644 =2D-- a/lisp/gnus/mml-sec.el +++ b/lisp/gnus/mml-sec.el @@ -285,6 +285,11 @@ Use METHOD if given. Else use `mml-secure-method' or (interactive nil mml-mode) (mml-secure-part "pgpmime" 'sign)) =20 +(defun mml-secure-sign-unobtrusive () + "Add MML tags to unobtrusively sign this MML part." + (interactive nil mml-mode) + (mml-secure-part "unobtrusive" 'sign)) + (defun mml-secure-sign-smime () "Add MML tags to S/MIME sign this MML part." (interactive nil mml-mode) diff --git a/lisp/gnus/mml.el b/lisp/gnus/mml.el index 11a8de7c011..7d849335154 100644 =2D-- a/lisp/gnus/mml.el +++ b/lisp/gnus/mml.el @@ -1178,11 +1178,13 @@ If HANDLES is non-nil, use it instead reparsing the= buffer." "s" (define-keymap "p" #'mml-secure-message-sign-pgpmime "o" #'mml-secure-message-sign-pgp =2D "s" #'mml-secure-message-sign-smime) + "s" #'mml-secure-message-sign-smime + "u" #'mml-secure-message-sign-unobtrusive) "S" (define-keymap "p" #'mml-secure-sign-pgpmime "o" #'mml-secure-sign-pgp =2D "s" #'mml-secure-sign-smime) + "s" #'mml-secure-sign-smime + "u" #'mml-secure-message-sign-unobtrusive) "c" (define-keymap "p" #'mml-secure-message-encrypt-pgpmime "o" #'mml-secure-message-encrypt-pgp =2D-=20 2.47.2 --=-=-=-- --==-=-= Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iHUEARYKAB0WIQRjrBGOWy5dZsiKhad4C4VO2cK0lgUCaCa3aQAKCRB4C4VO2cK0 liFeAP43PlQNzPjzuDY1zjtaV3Mbj82otoZ3wCoAVnVkSkpzfgEApsT3++6DkC7x OecKQ1QstKo5QydIlEYwocH+IkE9SQQ= =3Zmf -----END PGP SIGNATURE----- --==-=-=-- From debbugs-submit-bounces@debbugs.gnu.org Sat May 17 06:16:11 2025 Received: (at 78448) by debbugs.gnu.org; 17 May 2025 10:16:11 +0000 Received: from localhost ([127.0.0.1]:46129 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1uGEaR-0006rQ-CW for submit@debbugs.gnu.org; Sat, 17 May 2025 06:16:11 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:51748) by debbugs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.84_2) (envelope-from ) id 1uGEaN-0006qz-WE for 78448@debbugs.gnu.org; Sat, 17 May 2025 06:16:08 -0400 Received: from fencepost.gnu.org ([2001:470:142:3::e]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1uGEaG-0005xe-Rn; Sat, 17 May 2025 06:16:01 -0400 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=gnu.org; s=fencepost-gnu-org; h=References:Subject:In-Reply-To:To:From:Date: mime-version; bh=tmvWmV1CIMjxH+ca4i0RjIljPF/IjJWQA9Xs4sbeu8o=; b=MV3IOJzR88VQ DVZ8QhoaNRFE0doQdULw1cDbCPzpxHgBA3pFX3hN8tVaMnipm/nDpIhfKkpLVYHphAjpKwsvL7S62 3JMMwp26qB5D7NC0C4GMfPJZwFAZn4Qu5i8jxy+L1AGgJElHGrWustjESZ8h1OWaFGipdVekK4O5k t85rlNeX/N2qqh5L73/N/xP8M/JwbPyCCPht2ZoUr6nF6lUmuwSX5QCj44QFUa71t6u3UYiswGFkB QaAICGWv/vmBoI3go4R01o3Jt8bcs/MWR8nSNQlHnVp+Xltz6BRA7r6oZdttvu2wIFPS39jgZKDLe omyFClGYh7YJFEpj/hb5Pg==; Date: Sat, 17 May 2025 13:15:43 +0300 Message-Id: <86v7pzv8z4.fsf@gnu.org> From: Eli Zaretskii To: Daniel Kahn Gillmor , Eric Abrahamsen In-Reply-To: <87a57dciom.fsf@fifthhorseman.net> (message from Daniel Kahn Gillmor on Thu, 15 May 2025 23:56:25 -0400) Subject: Re: bug#78448: 30.1; mml: Produce Unobtrusive Signatures References: <87a57dciom.fsf@fifthhorseman.net> X-Spam-Score: -2.3 (--) X-Debbugs-Envelope-To: 78448 Cc: 78448@debbugs.gnu.org X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -3.3 (---) > From: Daniel Kahn Gillmor > Date: Thu, 15 May 2025 23:56:25 -0400 > > Package: emacs,gnus > Version: 30.1 > > I'm running emacs 30.1 on debian. When sending cleartext mail, i want > to be able to produce an "Unobtrusive Signature" using OpenPGP as > described in > https://datatracker.ietf.org/doc/draft-gallagher-email-unobtrusive-signatures/ > > Those kinds of signatures provide end-to-end cryptographic protection > for headers (based on > https://datatracker.ietf.org/doc/draft-ietf-lamps-header-protection/ ) > as well as the message body, and are less likely to inflict bad UX or > bad rendering on recipients using legacy MUAs compared to PGP/MIME (or > inline PGP, for that matter). > > These three patches appear to do the trick for me. I'm not an elisp > guru or a gnus expert. I'm happy to hear any feedback about how they > could be improved. Eric, any comments to the patch or to the issue? In any case, Daniel, to accept a contribution this large, we will need you to assign to the FSF the copyright for your Emacs-related changes. If you agree to do that, I will send you the form to fill and the instructions to go with it. Thanks. From debbugs-submit-bounces@debbugs.gnu.org Sat May 17 23:16:48 2025 Received: (at 78448) by debbugs.gnu.org; 18 May 2025 03:16:48 +0000 Received: from localhost ([127.0.0.1]:53174 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1uGUW7-00007J-MY for submit@debbugs.gnu.org; Sat, 17 May 2025 23:16:48 -0400 Received: from che.mayfirst.org ([162.247.75.118]:54397) by debbugs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.84_2) (envelope-from ) id 1uGUW5-000079-26 for 78448@debbugs.gnu.org; Sat, 17 May 2025 23:16:45 -0400 DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/simple; d=fifthhorseman.net; i=@fifthhorseman.net; q=dns/txt; s=2019; t=1747538204; h=from : to : cc : subject : in-reply-to : references : date : message-id : mime-version : content-type : from; bh=w9KFbGotVNwWMHkWsRvedEF6uWXiVS8PkeN5Gn2AytI=; b=0J4Zf34qnfwL9y75qnyYhC+yPRgP2cCBaU+F6WnDPZcztj0YtSOzA6B+diFXpcuGlLKH/ HfXTcAK8fpTnFfcAg== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=fifthhorseman.net; i=@fifthhorseman.net; q=dns/txt; s=2019rsa; t=1747538204; h=from : to : cc : subject : in-reply-to : references : date : message-id : mime-version : content-type : from; bh=w9KFbGotVNwWMHkWsRvedEF6uWXiVS8PkeN5Gn2AytI=; b=EtiI/aTTRHXOLAWkaMl/BENPowmF0IMwcgtt4HmOcXKPP1+QOXoMJhonyVqy3gBAbjwmG fL7Y/5ZYFrv5Zt7/UYj2T5zig0532Fj3SXBN3Qnc8tWYRBIfZj5i78Y9yll6XP5F+YndJ6r RghFvZErUrys9IoMVL5Q4a6QL041BskNbAZbcZH5ID3244G+XP+ry5aeif2TWdXBLx4VWcu d4XOJ+WI2WWq48Z5aLexKPrXTs8uW9MDiFi34qOSOcGCaVl0XIp+djR4CGbbVPQ1j3psJoP rXcqh/YZEKC4+5UVriii1D8bquUBWDVW53xqFG8X4tZVZ0ki9Q+9YarR57fQ== Received: from fifthhorseman.net (lair.fifthhorseman.net [108.58.6.98]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1)) (No client certificate requested) by che.mayfirst.org (Postfix) with ESMTPSA id F3773F9B1; Sat, 17 May 2025 23:16:43 -0400 (EDT) Received: by fifthhorseman.net (Postfix, from userid 1000) id D99E613F6AF; Sat, 17 May 2025 23:16:39 -0400 (EDT) From: Daniel Kahn Gillmor To: Eli Zaretskii , Eric Abrahamsen Subject: Re: bug#78448: 30.1; mml: Produce Unobtrusive Signatures In-Reply-To: <86v7pzv8z4.fsf@gnu.org> References: <87a57dciom.fsf@fifthhorseman.net> <86v7pzv8z4.fsf@gnu.org> Autocrypt: addr=dkg@fifthhorseman.net; prefer-encrypt=mutual; keydata= xjMEZXEJyxYJKwYBBAHaRw8BAQdA5BpbW0bpl5qCng/RiqwhQINrplDMSS5JsO/YO+5Zi7HNFzxk a2dAZmlmdGhob3JzZW1hbi5uZXQ+wsARBBMWCgB5AwsJB0cUAAAAAAAeACBzYWx0QG5vdGF0aW9u cy5zZXF1b2lhLXBncC5vcmcS78JIJ7JbALqPiKEmva7/Pp16WwXWm9hbe5+B/UvnfwMVCggCmwEC HgEWIQTUdwQMcMIValwphUm7fpEBSV5r9wUCZadfkAUJBdnwRQAKCRC7fpEBSV5r9yNXAP442N0c zvisBroQSKKpo+OWm2JpnEJWoVheeJvoRtkBGQEA+edHylby8IGcNccq7rmM2rAXdofvrU1o6qow V+mmDwbOMwRnio4OFgkrBgEEAdpHDwEBB0Cw9HzJFl9lZn3UBaUqSMSgxjcdbd0MwNVcGZ8t8wdN EcLAvwQYFgoBMQWCZ4qODgkQu36RAUlea/dHFAAAAAAAHgAgc2FsdEBub3RhdGlvbnMuc2VxdW9p YS1wZ3Aub3JnhcN+tn41cAg01Kk56zcAfpdsh8j98PDe00mqKPfFvaYCmwK+oAQZFgoAbwWCZ4qO DgkQeAuFTtnCtJZHFAAAAAAAHgAgc2FsdEBub3RhdGlvbnMuc2VxdW9pYS1wZ3Aub3JnxsD8Sk5P Wgx8c/Zseo6OlCjyDC+Ogm17gTaUUIpxjWYWIQRjrBGOWy5dZsiKhad4C4VO2cK0lgAAdcQA/1RG dmrmvVxkBY2qNPjtERNwPga8Pf4IdlenrZ03NXM4AQC+TDHMpD7d5obEvUy8GYI3oThzYItPP8vv ChY+wbaIBRYhBNR3BAxwwhVqXCmFSbt+kQFJXmv3AAAKbgD+K1MZXnRKPdmA8DgNysyGRZY8cSVH HQcC7ZAAtV3i2+wA/0CyOYrbFYbyTRALgoERR07OHFoP+fJopQLMNQARVUELzjgEZ4qN+RIKKwYB BAGXVQEFAQEHQDTGlR+Qmn334e+bPqvojJVdFsiBf0leAAHP+ESqop8NAwEIB8LAAAQYFgoAcgWC Z4qN+QkQu36RAUlea/dHFAAAAAAAHgAgc2FsdEBub3RhdGlvbnMuc2VxdW9pYS1wZ3Aub3JnA5Lw b3wOOcoodImuVNw4PYq1U65FDC1Q2JMFIcJXqF0CmwwWIQTUdwQMcMIValwphUm7fpEBSV5r9wAA 6egA/j3QANSmogZ5VTF5KlI+BBye9ud/w9j7RLcCHU6u8AA1AQC3FGaNuv+uWOSa+eeEoI/aZrGd X5el8b/m6aXDDxDjDg== Date: Sat, 17 May 2025 23:16:39 -0400 Message-ID: <87o6vqbobs.fsf@fifthhorseman.net> MIME-Version: 1.0 Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha512; protocol="application/pgp-signature" X-Spam-Score: -2.3 (--) X-Debbugs-Envelope-To: 78448 Cc: 78448@debbugs.gnu.org X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -3.3 (---) --=-=-= Content-Type: text/plain Hi Eli-- On Sat 2025-05-17 13:15:43 +0300, Eli Zaretskii wrote: > In any case, Daniel, to accept a contribution this large, we will need > you to assign to the FSF the copyright for your Emacs-related changes. > If you agree to do that, I will send you the form to fill and the > instructions to go with it. I'm pretty frustrated and disappointed with the FSF these days, but i still care about emacs, so i'm willing to make a copyright assignment for the sake of the tooling here and the broader ecosystem around it. Please send me the form and instructions. --dkg --=-=-= Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iHUEARYKAB0WIQRjrBGOWy5dZsiKhad4C4VO2cK0lgUCaClRFwAKCRB4C4VO2cK0 liA4AQDWhfCGbi4jPFrdOkNqpalw/vwdBY9nCIP8DgicFTYMRwEAt7lyRNHgwpAC XTisX8nQ5JUXTr8ANiPvMSZncL2dMA4= =LUVM -----END PGP SIGNATURE----- --=-=-=-- From debbugs-submit-bounces@debbugs.gnu.org Sun May 18 01:16:37 2025 Received: (at 78448) by debbugs.gnu.org; 18 May 2025 05:16:37 +0000 Received: from localhost ([127.0.0.1]:53912 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1uGWO5-0007YX-1y for submit@debbugs.gnu.org; Sun, 18 May 2025 01:16:37 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:39130) by debbugs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.84_2) (envelope-from ) id 1uGWO2-0007Xy-Ke for 78448@debbugs.gnu.org; Sun, 18 May 2025 01:16:35 -0400 Received: from fencepost.gnu.org ([2001:470:142:3::e]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1uGWNw-0006UB-76; Sun, 18 May 2025 01:16:28 -0400 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=gnu.org; s=fencepost-gnu-org; h=References:Subject:In-Reply-To:To:From:Date: mime-version; bh=qzWpMqdHwECWLuiskkVjfMhMmdvAp0ajWH2d3/a5eHs=; b=e9hBqm93TnDX 7sJlgnTiXwOv6YcFwDoOJBNuh7uPjb1T4X/BdV1HEVhfg8s3okJrZG7enFhxkr40i8wPfLI5lf2GT j4hBaCz/vgvbtqZIdroLciDeUoDVotxD1JYCkl0kMTvJzFiCGJTKWN88gQ2qOXFa3q9mf/EAPo1DC sAVLU5fRfxhd0TxstJGShQCmBa2FBMGgcJ9UhSXogBTAxp0ZT5IbSJnoey+ZcDRJlvy1/uvJDwzNM YhlOCU3iDzFbxDE7a6uJIjWvJbIxwsy1E2W5gBUsB4fNs1nnFWwv7MGYgUmAZHhvC0Dg3RSmB1NsY pyMmq1WMjUc3JBQXc+tr3w==; Date: Sun, 18 May 2025 08:16:26 +0300 Message-Id: <861psmv6qd.fsf@gnu.org> From: Eli Zaretskii To: Daniel Kahn Gillmor In-Reply-To: <87o6vqbobs.fsf@fifthhorseman.net> (message from Daniel Kahn Gillmor on Sat, 17 May 2025 23:16:39 -0400) Subject: Re: bug#78448: 30.1; mml: Produce Unobtrusive Signatures References: <87a57dciom.fsf@fifthhorseman.net> <86v7pzv8z4.fsf@gnu.org> <87o6vqbobs.fsf@fifthhorseman.net> X-Spam-Score: -2.3 (--) X-Debbugs-Envelope-To: 78448 Cc: eric@ericabrahamsen.net, 78448@debbugs.gnu.org X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -3.3 (---) > From: Daniel Kahn Gillmor > Cc: 78448@debbugs.gnu.org > Date: Sat, 17 May 2025 23:16:39 -0400 > > Hi Eli-- > > On Sat 2025-05-17 13:15:43 +0300, Eli Zaretskii wrote: > > In any case, Daniel, to accept a contribution this large, we will need > > you to assign to the FSF the copyright for your Emacs-related changes. > > If you agree to do that, I will send you the form to fill and the > > instructions to go with it. > > I'm pretty frustrated and disappointed with the FSF these days, but i > still care about emacs, so i'm willing to make a copyright assignment > for the sake of the tooling here and the broader ecosystem around it. > > Please send me the form and instructions. Thanks, form sent off-list. From debbugs-submit-bounces@debbugs.gnu.org Tue May 20 14:47:08 2025 Received: (at 78448) by debbugs.gnu.org; 20 May 2025 18:47:08 +0000 Received: from localhost ([127.0.0.1]:35506 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1uHRzX-00043K-T4 for submit@debbugs.gnu.org; Tue, 20 May 2025 14:47:08 -0400 Received: from che.mayfirst.org ([2001:470:1:116::7]:40759) by debbugs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.84_2) (envelope-from ) id 1uHRzV-00042r-00 for 78448@debbugs.gnu.org; Tue, 20 May 2025 14:47:06 -0400 DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/simple; d=fifthhorseman.net; i=@fifthhorseman.net; q=dns/txt; s=2019; t=1747766823; h=from : to : subject : in-reply-to : references : date : message-id : mime-version : content-type : from; bh=mEdt/yz9/NC28PGrk1LUoILO8O/gdxqPAV/kIcxjzQg=; b=I01ItZFd44CoQw8y6H7tVkwwBrstjf4Kc8P5pz7yfb7mxZmSLJZrauKNwHGfL4YwjM8T0 Tf4waBpNV/m84tZDw== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=fifthhorseman.net; i=@fifthhorseman.net; q=dns/txt; s=2019rsa; t=1747766823; h=from : to : subject : in-reply-to : references : date : message-id : mime-version : content-type : from; bh=mEdt/yz9/NC28PGrk1LUoILO8O/gdxqPAV/kIcxjzQg=; b=RZN1FRySrKqeVpzueHMAjkJo4kNS0Cr7xXhFVxWOKecWnLDIXOxnn1JzzqNIPu9TMghM9 +PjAo0ATlS+Ra7oR7CHxTMAkwzp0cHZsjAw/mxE8c9lqua7ouImd0XOnY1XnAtSEq4KsuDy SB2++f1QAbCGD4UKTa0rR6KN3nqpw6IzhSTLPdg/hGUDVUMKNv5lnqdXzP7mcjRy0b9mNz+ HYFf5IDPVUntCABLk2kb7HmpKVN2Ty8VKdrCKJjbkpjcuSxMN+mMeO67CWCekr/bGDE7jvd BmCN30X14oi7jtENgDnCTY3C9ozghQdlJ4pTuLmaq8C+5rKscHxOYVawTXiQ== Received: from fifthhorseman.net (AMERICAN-CI.ear2.NewYork6.Level3.net [4.59.214.2]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384) (No client certificate requested) by che.mayfirst.org (Postfix) with ESMTPSA id D87DAF9B1 for <78448@debbugs.gnu.org>; Tue, 20 May 2025 14:47:03 -0400 (EDT) Received: by fifthhorseman.net (Postfix, from userid 1000) id 8F30C13F6B1; Tue, 20 May 2025 14:47:00 -0400 (EDT) From: Daniel Kahn Gillmor To: 78448@debbugs.gnu.org Subject: [PATCH 3/3 v2] Re: 30.1; mml: Produce Unobtrusive Signatures In-Reply-To: <87a57dciom.fsf@fifthhorseman.net> References: <87a57dciom.fsf@fifthhorseman.net> Autocrypt: addr=dkg@fifthhorseman.net; prefer-encrypt=mutual; keydata= xjMEZXEJyxYJKwYBBAHaRw8BAQdA5BpbW0bpl5qCng/RiqwhQINrplDMSS5JsO/YO+5Zi7HNFzxk a2dAZmlmdGhob3JzZW1hbi5uZXQ+wsARBBMWCgB5AwsJB0cUAAAAAAAeACBzYWx0QG5vdGF0aW9u cy5zZXF1b2lhLXBncC5vcmcS78JIJ7JbALqPiKEmva7/Pp16WwXWm9hbe5+B/UvnfwMVCggCmwEC HgEWIQTUdwQMcMIValwphUm7fpEBSV5r9wUCZadfkAUJBdnwRQAKCRC7fpEBSV5r9yNXAP442N0c zvisBroQSKKpo+OWm2JpnEJWoVheeJvoRtkBGQEA+edHylby8IGcNccq7rmM2rAXdofvrU1o6qow V+mmDwbOMwRnio4OFgkrBgEEAdpHDwEBB0Cw9HzJFl9lZn3UBaUqSMSgxjcdbd0MwNVcGZ8t8wdN EcLAvwQYFgoBMQWCZ4qODgkQu36RAUlea/dHFAAAAAAAHgAgc2FsdEBub3RhdGlvbnMuc2VxdW9p YS1wZ3Aub3JnhcN+tn41cAg01Kk56zcAfpdsh8j98PDe00mqKPfFvaYCmwK+oAQZFgoAbwWCZ4qO DgkQeAuFTtnCtJZHFAAAAAAAHgAgc2FsdEBub3RhdGlvbnMuc2VxdW9pYS1wZ3Aub3JnxsD8Sk5P Wgx8c/Zseo6OlCjyDC+Ogm17gTaUUIpxjWYWIQRjrBGOWy5dZsiKhad4C4VO2cK0lgAAdcQA/1RG dmrmvVxkBY2qNPjtERNwPga8Pf4IdlenrZ03NXM4AQC+TDHMpD7d5obEvUy8GYI3oThzYItPP8vv ChY+wbaIBRYhBNR3BAxwwhVqXCmFSbt+kQFJXmv3AAAKbgD+K1MZXnRKPdmA8DgNysyGRZY8cSVH HQcC7ZAAtV3i2+wA/0CyOYrbFYbyTRALgoERR07OHFoP+fJopQLMNQARVUELzjgEZ4qN+RIKKwYB BAGXVQEFAQEHQDTGlR+Qmn334e+bPqvojJVdFsiBf0leAAHP+ESqop8NAwEIB8LAAAQYFgoAcgWC Z4qN+QkQu36RAUlea/dHFAAAAAAAHgAgc2FsdEBub3RhdGlvbnMuc2VxdW9pYS1wZ3Aub3JnA5Lw b3wOOcoodImuVNw4PYq1U65FDC1Q2JMFIcJXqF0CmwwWIQTUdwQMcMIValwphUm7fpEBSV5r9wAA 6egA/j3QANSmogZ5VTF5KlI+BBye9ud/w9j7RLcCHU6u8AA1AQC3FGaNuv+uWOSa+eeEoI/aZrGd X5el8b/m6aXDDxDjDg== Date: Tue, 20 May 2025 14:47:00 -0400 Message-ID: <87cyc3m863.fsf@fifthhorseman.net> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="==-=-="; X-Spam-Score: 0.0 (/) X-Debbugs-Envelope-To: 78448 X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -1.0 (-) --==-=-= Sig: t=p; b=iHUEARYKAB0WIQRjrBGOWy5dZsiKhad4C4VO2cK0lgUCaCzOJAAKCRB4C4VO2cK0 luHdAP4oyjip/xHWib17ZjiFDXzRbZZGO/jRuF4zUJX/KNMqFwD+OBw7FMMYsUVy vYYS7iDXzzIcc+C7Il9taDRgm1QofAM= From: Daniel Kahn Gillmor To: 78448@debbugs.gnu.org Subject: [PATCH 3/3 v2] Re: 30.1; mml: Produce Unobtrusive Signatures In-Reply-To: <87a57dciom.fsf@fifthhorseman.net> References: <87a57dciom.fsf@fifthhorseman.net> Autocrypt: addr=dkg@fifthhorseman.net; prefer-encrypt=mutual; keydata= xjMEZXEJyxYJKwYBBAHaRw8BAQdA5BpbW0bpl5qCng/RiqwhQINrplDMSS5JsO/YO+5Zi7HNFzxk a2dAZmlmdGhob3JzZW1hbi5uZXQ+wsARBBMWCgB5AwsJB0cUAAAAAAAeACBzYWx0QG5vdGF0aW9u cy5zZXF1b2lhLXBncC5vcmcS78JIJ7JbALqPiKEmva7/Pp16WwXWm9hbe5+B/UvnfwMVCggCmwEC HgEWIQTUdwQMcMIValwphUm7fpEBSV5r9wUCZadfkAUJBdnwRQAKCRC7fpEBSV5r9yNXAP442N0c zvisBroQSKKpo+OWm2JpnEJWoVheeJvoRtkBGQEA+edHylby8IGcNccq7rmM2rAXdofvrU1o6qow V+mmDwbOMwRnio4OFgkrBgEEAdpHDwEBB0Cw9HzJFl9lZn3UBaUqSMSgxjcdbd0MwNVcGZ8t8wdN EcLAvwQYFgoBMQWCZ4qODgkQu36RAUlea/dHFAAAAAAAHgAgc2FsdEBub3RhdGlvbnMuc2VxdW9p YS1wZ3Aub3JnhcN+tn41cAg01Kk56zcAfpdsh8j98PDe00mqKPfFvaYCmwK+oAQZFgoAbwWCZ4qO DgkQeAuFTtnCtJZHFAAAAAAAHgAgc2FsdEBub3RhdGlvbnMuc2VxdW9pYS1wZ3Aub3JnxsD8Sk5P Wgx8c/Zseo6OlCjyDC+Ogm17gTaUUIpxjWYWIQRjrBGOWy5dZsiKhad4C4VO2cK0lgAAdcQA/1RG dmrmvVxkBY2qNPjtERNwPga8Pf4IdlenrZ03NXM4AQC+TDHMpD7d5obEvUy8GYI3oThzYItPP8vv ChY+wbaIBRYhBNR3BAxwwhVqXCmFSbt+kQFJXmv3AAAKbgD+K1MZXnRKPdmA8DgNysyGRZY8cSVH HQcC7ZAAtV3i2+wA/0CyOYrbFYbyTRALgoERR07OHFoP+fJopQLMNQARVUELzjgEZ4qN+RIKKwYB BAGXVQEFAQEHQDTGlR+Qmn334e+bPqvojJVdFsiBf0leAAHP+ESqop8NAwEIB8LAAAQYFgoAcgWC Z4qN+QkQu36RAUlea/dHFAAAAAAAHgAgc2FsdEBub3RhdGlvbnMuc2VxdW9pYS1wZ3Aub3JnA5Lw b3wOOcoodImuVNw4PYq1U65FDC1Q2JMFIcJXqF0CmwwWIQTUdwQMcMIValwphUm7fpEBSV5r9wAA 6egA/j3QANSmogZ5VTF5KlI+BBye9ud/w9j7RLcCHU6u8AA1AQC3FGaNuv+uWOSa+eeEoI/aZrGd X5el8b/m6aXDDxDjDg== Date: Tue, 20 May 2025 14:47:00 -0400 Message-ID: <87cyc3m863.fsf@fifthhorseman.net> Content-Type: multipart/mixed; boundary="=-=-="; hp="clear" --=-=-= Content-Type: text/plain Attached is a revised version of patch 3, which corrects the default keybindings. --dkg --=-=-= Content-Type: text/x-diff Content-Disposition: inline; filename=0003-mml-Add-C-c-RET-s-u-to-make-Unobtrusive-Signature.patch Content-Transfer-Encoding: quoted-printable From=20a5de7ee57e1933a0783c8346db52c569074c07f7 Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Thu, 15 May 2025 22:03:25 -0400 Subject: [PATCH] mml: Add C-c RET s u to make Unobtrusive Signature This adds to the default keymap to make it relatively easy to make an Unobtrusive Signature when sending mail. Unobtrusive Signatures are defined on a per-message basis, and explicitly ignored per-part, so we do not facilitate part-based signing. Signed-off-by: Daniel Kahn Gillmor =2D-- lisp/gnus/mml-sec.el | 5 +++++ lisp/gnus/mml.el | 3 ++- 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/lisp/gnus/mml-sec.el b/lisp/gnus/mml-sec.el index 6fb82836e9a..71913c8e8cc 100644 =2D-- a/lisp/gnus/mml-sec.el +++ b/lisp/gnus/mml-sec.el @@ -399,6 +399,11 @@ Use METHOD if given. Else use `mml-secure-method' or (or method mml-secure-method mml-default-sign-method) 'encrypt)) =20 +(defun mml-secure-message-sign-unobtrusive () + "Add MML tag to encrypt/sign the entire message." + (interactive nil mml-mode) + (mml-secure-message "unobtrusive" 'sign)) + (defun mml-secure-message-sign-smime () "Add MML tag to encrypt/sign the entire message." (interactive nil mml-mode) diff --git a/lisp/gnus/mml.el b/lisp/gnus/mml.el index 11a8de7c011..52c9c63833a 100644 =2D-- a/lisp/gnus/mml.el +++ b/lisp/gnus/mml.el @@ -1178,7 +1178,8 @@ If HANDLES is non-nil, use it instead reparsing the b= uffer." "s" (define-keymap "p" #'mml-secure-message-sign-pgpmime "o" #'mml-secure-message-sign-pgp =2D "s" #'mml-secure-message-sign-smime) + "s" #'mml-secure-message-sign-smime + "u" #'mml-secure-message-sign-unobtrusive) "S" (define-keymap "p" #'mml-secure-sign-pgpmime "o" #'mml-secure-sign-pgp =2D-=20 2.47.2 --=-=-=-- --==-=-=-- From debbugs-submit-bounces@debbugs.gnu.org Wed May 28 08:44:35 2025 Received: (at 78448) by debbugs.gnu.org; 28 May 2025 12:44:36 +0000 Received: from localhost ([127.0.0.1]:51836 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1uKG95-0004vw-71 for submit@debbugs.gnu.org; Wed, 28 May 2025 08:44:35 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:35440) by debbugs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.84_2) (envelope-from ) id 1uKG8y-0004ua-MK for 78448@debbugs.gnu.org; Wed, 28 May 2025 08:44:32 -0400 Received: from fencepost.gnu.org ([2001:470:142:3::e]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1uKG8r-0008DJ-RU; Wed, 28 May 2025 08:44:21 -0400 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=gnu.org; s=fencepost-gnu-org; h=Date:References:Subject:In-Reply-To:To:From: mime-version; bh=KqZHMYiPaQN26L0e4WYIeZffW5UmKrCpHINfEXQQx44=; b=C2szo6za3rD/ n28EKuSDQazON4vfKYrqjxSLT+qA6ms/Z/5Hx931SZHn9ldRkZovZ+aZ4+BVUK7QT4csmkug8DqmK nIPLir24qBHFXpaUJC6Ok5uqIehm8EG8WY/nmfsim7xVUJISV92Zijoyvsjuu8ky6C0YJ/H6j2eFr QHdTDmkrOJcyKHChX6JoFv7SdDtdYby3O5RubwZ/7DSUA1r6r2B5XFOeEoBH83LkNsMTey9T44DHA UIjjVbJHm5LRflzp5BiDta3OjUbxqvhJZ1vN2SwI4FRqEYdjMr4k0QEHq6YdVbzVQuFqb32i0nBKv NwYpKPeU0FYPDRCnpK3uoQ==; Received: from rms by fencepost.gnu.org with local (Exim 4.90_1) (envelope-from ) id 1uKG8r-0008CY-EY; Wed, 28 May 2025 08:44:21 -0400 Content-Type: text/plain; charset=Utf-8 From: Richard Stallman To: Eli Zaretskii In-Reply-To: <86v7pzv8z4.fsf@gnu.org> (message from Eli Zaretskii on Sat, 17 May 2025 13:15:43 +0300) Subject: Re: bug#78448: 30.1; mml: Produce Unobtrusive Signatures References: <87a57dciom.fsf@fifthhorseman.net> <86v7pzv8z4.fsf@gnu.org> Message-Id: Date: Wed, 28 May 2025 08:44:21 -0400 X-Spam-Score: -2.3 (--) X-Debbugs-Envelope-To: 78448 Cc: eric@ericabrahamsen.net, 78448@debbugs.gnu.org, dkg@fifthhorseman.net X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: rms@gnu.org Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -3.3 (---) [[[ To any NSA and FBI agents reading my email: please consider ]]] [[[ whether defending the US Constitution against all enemies, ]]] [[[ foreign or domestic, requires you to follow Snowden's example. ]]] > i want > > to be able to produce an "Unobtrusive Signature" using OpenPGP as > > described in > > https://datatracker.ietf.org/doc/draft-gallagher-email-unobtrusive-signatures/ Can GPG do this job also? If so, we should by default use GPG to do this, unless the user specifies a different command to use. -- Dr Richard Stallman (https://stallman.org) Chief GNUisance of the GNU Project (https://gnu.org) Founder, Free Software Foundation (https://fsf.org) Internet Hall-of-Famer (https://internethalloffame.org) From debbugs-submit-bounces@debbugs.gnu.org Wed May 28 10:13:29 2025 Received: (at 78448) by debbugs.gnu.org; 28 May 2025 14:13:29 +0000 Received: from localhost ([127.0.0.1]:54427 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1uKHX6-0007j9-VI for submit@debbugs.gnu.org; Wed, 28 May 2025 10:13:29 -0400 Received: from che.mayfirst.org ([162.247.75.118]:44719) by debbugs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.84_2) (envelope-from ) id 1uKHX3-0007ir-HI for 78448@debbugs.gnu.org; Wed, 28 May 2025 10:13:26 -0400 DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/simple; d=fifthhorseman.net; i=@fifthhorseman.net; q=dns/txt; s=2019; t=1748441604; h=from : to : cc : subject : in-reply-to : references : date : message-id : mime-version : content-type : from; bh=Hwc1hGnHX6esmfzwfvJ+oXYv9cm5mbfkHDLFyVpoG4A=; b=CV3kzXSDSr83N5Vu/fYCwMhM4E1kbp0lTXXhdAvYDts//4wYekeu1FmOBRV04y1gMRPIT HFheqYT7BCpyR++BA== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=fifthhorseman.net; i=@fifthhorseman.net; q=dns/txt; s=2019rsa; t=1748441604; h=from : to : cc : subject : in-reply-to : references : date : message-id : mime-version : content-type : from; bh=Hwc1hGnHX6esmfzwfvJ+oXYv9cm5mbfkHDLFyVpoG4A=; b=lvREiNyjwnkgk2Vi889/Y33yfstOTf68VaEoG9y808Zae0GAVv93dWShOyYuI1JCPrk/p 3AbiqLwi4afOjDlXWXDsJaqBYnmHmvRqTdmzqAUc653fdWEOQtqaPr2Py5Hp9RARhadznsE q/CdaW8bDv6cZFdkJVoADIJCnnMw+zwcw6/93E5gmfoGZPBmQ8gfcgz7P4mhGPAc0jDv9Go dyunVKZijFjvEi/ZMLT55aX+kgqog4bGtvK8YNWKz0ahp1Pdg6zh+hQE7gHB6ohQ+RaHB5M PV6UEEEZZAGOdaFXKfjYBdgUkiwSbn54zNHw7JKpGMVCWogXMMAuu2h9kS4A== Received: from fifthhorseman.net (AMERICAN-CI.ear2.NewYork6.Level3.net [4.59.214.2]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1)) (No client certificate requested) by che.mayfirst.org (Postfix) with ESMTPSA id 40F16F9B1; Wed, 28 May 2025 10:13:24 -0400 (EDT) Received: by fifthhorseman.net (Postfix, from userid 1000) id 9AA9D13F6AD; Wed, 28 May 2025 10:07:25 -0400 (EDT) From: Daniel Kahn Gillmor To: rms@gnu.org, Eli Zaretskii Subject: Re: bug#78448: 30.1; mml: Produce Unobtrusive Signatures In-Reply-To: References: <87a57dciom.fsf@fifthhorseman.net> <86v7pzv8z4.fsf@gnu.org> Autocrypt: addr=dkg@fifthhorseman.net; prefer-encrypt=mutual; keydata= xjMEZXEJyxYJKwYBBAHaRw8BAQdA5BpbW0bpl5qCng/RiqwhQINrplDMSS5JsO/YO+5Zi7HNFzxk a2dAZmlmdGhob3JzZW1hbi5uZXQ+wsARBBMWCgB5AwsJB0cUAAAAAAAeACBzYWx0QG5vdGF0aW9u cy5zZXF1b2lhLXBncC5vcmcS78JIJ7JbALqPiKEmva7/Pp16WwXWm9hbe5+B/UvnfwMVCggCmwEC HgEWIQTUdwQMcMIValwphUm7fpEBSV5r9wUCZadfkAUJBdnwRQAKCRC7fpEBSV5r9yNXAP442N0c zvisBroQSKKpo+OWm2JpnEJWoVheeJvoRtkBGQEA+edHylby8IGcNccq7rmM2rAXdofvrU1o6qow V+mmDwbOMwRnio4OFgkrBgEEAdpHDwEBB0Cw9HzJFl9lZn3UBaUqSMSgxjcdbd0MwNVcGZ8t8wdN EcLAvwQYFgoBMQWCZ4qODgkQu36RAUlea/dHFAAAAAAAHgAgc2FsdEBub3RhdGlvbnMuc2VxdW9p YS1wZ3Aub3JnhcN+tn41cAg01Kk56zcAfpdsh8j98PDe00mqKPfFvaYCmwK+oAQZFgoAbwWCZ4qO DgkQeAuFTtnCtJZHFAAAAAAAHgAgc2FsdEBub3RhdGlvbnMuc2VxdW9pYS1wZ3Aub3JnxsD8Sk5P Wgx8c/Zseo6OlCjyDC+Ogm17gTaUUIpxjWYWIQRjrBGOWy5dZsiKhad4C4VO2cK0lgAAdcQA/1RG dmrmvVxkBY2qNPjtERNwPga8Pf4IdlenrZ03NXM4AQC+TDHMpD7d5obEvUy8GYI3oThzYItPP8vv ChY+wbaIBRYhBNR3BAxwwhVqXCmFSbt+kQFJXmv3AAAKbgD+K1MZXnRKPdmA8DgNysyGRZY8cSVH HQcC7ZAAtV3i2+wA/0CyOYrbFYbyTRALgoERR07OHFoP+fJopQLMNQARVUELzjgEZ4qN+RIKKwYB BAGXVQEFAQEHQDTGlR+Qmn334e+bPqvojJVdFsiBf0leAAHP+ESqop8NAwEIB8LAAAQYFgoAcgWC Z4qN+QkQu36RAUlea/dHFAAAAAAAHgAgc2FsdEBub3RhdGlvbnMuc2VxdW9pYS1wZ3Aub3JnA5Lw b3wOOcoodImuVNw4PYq1U65FDC1Q2JMFIcJXqF0CmwwWIQTUdwQMcMIValwphUm7fpEBSV5r9wAA 6egA/j3QANSmogZ5VTF5KlI+BBye9ud/w9j7RLcCHU6u8AA1AQC3FGaNuv+uWOSa+eeEoI/aZrGd X5el8b/m6aXDDxDjDg== Date: Wed, 28 May 2025 10:07:25 -0400 Message-ID: <87frgorfqa.fsf@fifthhorseman.net> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="=-=-="; X-Spam-Score: -2.3 (--) X-Debbugs-Envelope-To: 78448 Cc: eric@ericabrahamsen.net, 78448@debbugs.gnu.org X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -3.3 (---) --=-=-= Sig: t=p; b=iHUEARYKAB0WIQRjrBGOWy5dZsiKhad4C4VO2cK0lgUCaDcYnQAKCRB4C4VO2cK0 ljPIAQCxFYjIxCAHPWIqf1m4QC6Rof8i+HlhFJmV0rpx0RjWeAEAjNQM01iZJSo4 hV2sXXh98n137yEwZjHGV8DoEmVEIw0= From: Daniel Kahn Gillmor To: rms@gnu.org, Eli Zaretskii Cc: eric@ericabrahamsen.net, 78448@debbugs.gnu.org Subject: Re: bug#78448: 30.1; mml: Produce Unobtrusive Signatures In-Reply-To: References: <87a57dciom.fsf@fifthhorseman.net> <86v7pzv8z4.fsf@gnu.org> Autocrypt: addr=dkg@fifthhorseman.net; prefer-encrypt=mutual; keydata= xjMEZXEJyxYJKwYBBAHaRw8BAQdA5BpbW0bpl5qCng/RiqwhQINrplDMSS5JsO/YO+5Zi7HNFzxk a2dAZmlmdGhob3JzZW1hbi5uZXQ+wsARBBMWCgB5AwsJB0cUAAAAAAAeACBzYWx0QG5vdGF0aW9u cy5zZXF1b2lhLXBncC5vcmcS78JIJ7JbALqPiKEmva7/Pp16WwXWm9hbe5+B/UvnfwMVCggCmwEC HgEWIQTUdwQMcMIValwphUm7fpEBSV5r9wUCZadfkAUJBdnwRQAKCRC7fpEBSV5r9yNXAP442N0c zvisBroQSKKpo+OWm2JpnEJWoVheeJvoRtkBGQEA+edHylby8IGcNccq7rmM2rAXdofvrU1o6qow V+mmDwbOMwRnio4OFgkrBgEEAdpHDwEBB0Cw9HzJFl9lZn3UBaUqSMSgxjcdbd0MwNVcGZ8t8wdN EcLAvwQYFgoBMQWCZ4qODgkQu36RAUlea/dHFAAAAAAAHgAgc2FsdEBub3RhdGlvbnMuc2VxdW9p YS1wZ3Aub3JnhcN+tn41cAg01Kk56zcAfpdsh8j98PDe00mqKPfFvaYCmwK+oAQZFgoAbwWCZ4qO DgkQeAuFTtnCtJZHFAAAAAAAHgAgc2FsdEBub3RhdGlvbnMuc2VxdW9pYS1wZ3Aub3JnxsD8Sk5P Wgx8c/Zseo6OlCjyDC+Ogm17gTaUUIpxjWYWIQRjrBGOWy5dZsiKhad4C4VO2cK0lgAAdcQA/1RG dmrmvVxkBY2qNPjtERNwPga8Pf4IdlenrZ03NXM4AQC+TDHMpD7d5obEvUy8GYI3oThzYItPP8vv ChY+wbaIBRYhBNR3BAxwwhVqXCmFSbt+kQFJXmv3AAAKbgD+K1MZXnRKPdmA8DgNysyGRZY8cSVH HQcC7ZAAtV3i2+wA/0CyOYrbFYbyTRALgoERR07OHFoP+fJopQLMNQARVUELzjgEZ4qN+RIKKwYB BAGXVQEFAQEHQDTGlR+Qmn334e+bPqvojJVdFsiBf0leAAHP+ESqop8NAwEIB8LAAAQYFgoAcgWC Z4qN+QkQu36RAUlea/dHFAAAAAAAHgAgc2FsdEBub3RhdGlvbnMuc2VxdW9pYS1wZ3Aub3JnA5Lw b3wOOcoodImuVNw4PYq1U65FDC1Q2JMFIcJXqF0CmwwWIQTUdwQMcMIValwphUm7fpEBSV5r9wAA 6egA/j3QANSmogZ5VTF5KlI+BBye9ud/w9j7RLcCHU6u8AA1AQC3FGaNuv+uWOSa+eeEoI/aZrGd X5el8b/m6aXDDxDjDg== Date: Wed, 28 May 2025 10:07:25 -0400 Message-ID: <87frgorfqa.fsf@fifthhorseman.net> Content-Type: text/plain; hp="clear" On Wed 2025-05-28 08:44:21 -0400, Richard Stallman wrote: > [ dkg wrote: ] > > > i want to be able to produce an "Unobtrusive Signature" using > > > OpenPGP as described in > > > https://datatracker.ietf.org/doc/draft-gallagher-email-unobtrusive-signatures/ > > Can GPG do this job also? If so, we should by default use GPG to do > this, unless the user specifies a different command to use. The proposed patch series explicitly relies on emacs's epg to make the actual signature. epg is an emacs library to use GPG. So i think what you're asking for is already being done in this series. For background: GPG typically does not handle e-mails directly. Rather, the mail user agent (MUA) needs to figure out how to modify the pending e-mail message to be able to feed it into GPG as a text or binary document to make an OpenPGP signature; then the MUA has to restructure the message again to ship both the substance and the signature into a single e-mail message. Regards, --dkg --=-=-=-- From debbugs-submit-bounces@debbugs.gnu.org Sat May 31 05:21:31 2025 Received: (at 78448) by debbugs.gnu.org; 31 May 2025 09:21:31 +0000 Received: from localhost ([127.0.0.1]:55566 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1uLIPC-0003vX-SC for submit@debbugs.gnu.org; Sat, 31 May 2025 05:21:31 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:60618) by debbugs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.84_2) (envelope-from ) id 1uLIP9-0003v5-FV for 78448@debbugs.gnu.org; Sat, 31 May 2025 05:21:28 -0400 Received: from fencepost.gnu.org ([2001:470:142:3::e]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1uLIP3-00024s-3D; Sat, 31 May 2025 05:21:21 -0400 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=gnu.org; s=fencepost-gnu-org; h=References:Subject:In-Reply-To:To:From:Date: mime-version; bh=i4M4iCwsTNv6/YWWJya3ehQh2csi5ndJwwmhOujBkDg=; b=RoFpmlC7YPiT ZcWwcpvCm/Re9qxZmmWE59ddLLX8byrW/BB9Aehrs9qa+znebZduXN3aZgkahwIfoQKkR52IQOahr z8TBaZwiEOH0m49jp7VZGDZP2vX12RZKduW+KqLUskxM0wwnt8VKAhncQUlXnJf5/WuR8STjcMpHv fA300aH5i1HdEVwjzyZEhFejxio/EKUqLamaVYDcrjTf9igtHEortyc5iI0jf6o6v1A0VZEevC8A6 QTEgl57MzgiZ5jfv+U3HV5OugwPWm0ng3ADYxZqw5V7OLgJRdQpU1PMLVIyY49gGMYDNgmWFu1P4z JYODC2ygeWgOcFPvBEQkjA==; Date: Sat, 31 May 2025 12:21:10 +0300 Message-Id: <86ldqdrv95.fsf@gnu.org> From: Eli Zaretskii To: Daniel Kahn Gillmor , eric@ericabrahamsen.net In-Reply-To: <87frgorfqa.fsf@fifthhorseman.net> (message from Daniel Kahn Gillmor on Wed, 28 May 2025 10:07:25 -0400) Subject: Re: bug#78448: 30.1; mml: Produce Unobtrusive Signatures References: <87a57dciom.fsf@fifthhorseman.net> <86v7pzv8z4.fsf@gnu.org> <87frgorfqa.fsf@fifthhorseman.net> X-Spam-Score: -2.3 (--) X-Debbugs-Envelope-To: 78448 Cc: 78448@debbugs.gnu.org, rms@gnu.org X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -3.3 (---) Ping! Eric, would you please chime in and comment on the patch? > From: Daniel Kahn Gillmor > Cc: eric@ericabrahamsen.net, 78448@debbugs.gnu.org > Date: Wed, 28 May 2025 10:07:25 -0400 > > On Wed 2025-05-28 08:44:21 -0400, Richard Stallman wrote: > > [ dkg wrote: ] > > > > i want to be able to produce an "Unobtrusive Signature" using > > > > OpenPGP as described in > > > > https://datatracker.ietf.org/doc/draft-gallagher-email-unobtrusive-signatures/ > > > > Can GPG do this job also? If so, we should by default use GPG to do > > this, unless the user specifies a different command to use. > > The proposed patch series explicitly relies on emacs's epg to make the > actual signature. epg is an emacs library to use GPG. So i think what > you're asking for is already being done in this series. > > For background: GPG typically does not handle e-mails directly. Rather, > the mail user agent (MUA) needs to figure out how to modify the pending > e-mail message to be able to feed it into GPG as a text or binary > document to make an OpenPGP signature; then the MUA has to restructure > the message again to ship both the substance and the signature into a > single e-mail message. > > Regards, > > --dkg From debbugs-submit-bounces@debbugs.gnu.org Tue Jun 03 05:32:49 2025 Received: (at 78448) by debbugs.gnu.org; 3 Jun 2025 09:32:49 +0000 Received: from localhost ([127.0.0.1]:60138 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1uMO0m-00085i-SS for submit@debbugs.gnu.org; Tue, 03 Jun 2025 05:32:49 -0400 Received: from mail-wr1-x42d.google.com ([2a00:1450:4864:20::42d]:53630) by debbugs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.84_2) (envelope-from ) id 1uMO0i-00084h-KB for 78448@debbugs.gnu.org; Tue, 03 Jun 2025 05:32:45 -0400 Received: by mail-wr1-x42d.google.com with SMTP id ffacd0b85a97d-3a4f71831abso3857559f8f.3 for <78448@debbugs.gnu.org>; Tue, 03 Jun 2025 02:32:44 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1748943158; x=1749547958; darn=debbugs.gnu.org; h=content-transfer-encoding:mime-version:message-id:date:references :in-reply-to:subject:cc:to:from:from:to:cc:subject:date:message-id :reply-to; bh=MihD3dMGxrq+FnT40zMHNamJ2chWAMcfkCtJbYCKe6A=; b=h10Et0AWkV0AlpAi0E4v+dwzOBF/ot8XmnYHVD+0ik8/DjviodMhx83YxUFVNlRRt9 iIg8kZv3d93Rf7+3SjVGhFE06MnXXeB/95F2lrVf3AYu6XnWZ4D8PMybpV41f0vKXDLG xPlPhiDxjsYusXeqyE//APq39uBU81ZubrAGPuoZoAZPx24I4psg6JwMpdCjVRjYqSIO /NcWqE1zY0mv6PHo6ZxB1u2Hzv+G1efGxVZEiozqMgNqQt3Ma0JXvmd18W8UHaxAK08s sZ8JpM3XZdNo3YAQzcd0aqRiuxh2X0Kn7HFvGnXxG/g9YI5mNGQfkydKXQkubQKZGpwz iXQA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1748943158; x=1749547958; h=content-transfer-encoding:mime-version:message-id:date:references :in-reply-to:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=MihD3dMGxrq+FnT40zMHNamJ2chWAMcfkCtJbYCKe6A=; b=X0h15ddCye/vooivrxGOQH2kTJ5TGB1XKO+kQb6Z/90ptS1BUrJEO/qJJIBXOjl4N1 IIWdJDJdHGipNWoxgRAk2VI85BI5ITQvVQBXfgXFbX5/37q12bwVMs19370CA9gQkcvI OtotQsCyd3PZUQ28CLMpFbo1Vs3srmznx9o95sLJ+1pvYx9TUArlNzhoP4uPuOci7+cy 3IlLrZtXGSCgxUiGrXICeJTl4Pq1sybQn17Ktm+RgnuyDViTNxkRZ8qXCHcFXIRkwz3c LXrjaIxN4DDr9S4ovHOSYe6VI1ovvA1pP9SMF3SjkqzLJUMyEVOt66r5WK8Yxp1OCRuF 6ypg== X-Forwarded-Encrypted: i=1; AJvYcCUxdM/6S/wNHZx/+sGxao7mflWPt0AevIdkFKK1fxWjYVMue4YZXeUZjqc4Cpu2XWxCPtqk4w==@debbugs.gnu.org X-Gm-Message-State: AOJu0YyfXvkTuLSPJdp8bPtQJNy3r4dd8YclyTXD1i2HH4klSRWNd31Z DAvNBJlOiubh2Mx6v3PRACQbBLx3+aooR24qgxRGOJgjsgLe1VtuvxzV X-Gm-Gg: ASbGncvhHuSvoMPV6o1JAmjV9csds2/T/btreyjHZ+fiqx9uNs+GqU6+5nc8v/irnp9 3pfbacyLLA4piOXIxHnvKgwUMzn1dxnbwOyhNIeBxdVagcFVm7ZNLZo9EdgOX4cJ07eq2JGkYHa 9icxxVZ6BkCafO3l3tC3RIrhZs5ysj1jC/jL95w3kBrT28ZMtJeT/i1CZluiXVwPi80AV7nFRCI i37hsNLCX4nvuKf9g+crfkkl8W4QgEuIiTGVCLe9a0ag2G5H8CeR5OaJrUQPA4VuNhegFahN6tT 7OWZi7NRrQUVB0HzYNDd8ZOTp1HakKcGUVyB8cw= X-Google-Smtp-Source: AGHT+IFt1FqePeQW6agUX//xcYDaJmxiOqmNweLXuBIg9mFBWIJdVyY4qeUbOTjEvGpxbF+2QMzIjQ== X-Received: by 2002:a05:6000:228a:b0:3a4:e706:5326 with SMTP id ffacd0b85a97d-3a4f89a47b2mr12371202f8f.3.1748943157504; Tue, 03 Jun 2025 02:32:37 -0700 (PDT) Received: from rltb ([2a01:e0a:3f3:fb51:3727:54e6:5eaf:345a]) by smtp.gmail.com with ESMTPSA id ffacd0b85a97d-3a4efe5b7b0sm17765261f8f.10.2025.06.03.02.32.36 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 03 Jun 2025 02:32:37 -0700 (PDT) From: Robert Pluim To: Eli Zaretskii Subject: Re: bug#78448: 30.1; mml: Produce Unobtrusive Signatures In-Reply-To: <86ldqdrv95.fsf@gnu.org> References: <87a57dciom.fsf@fifthhorseman.net> <86v7pzv8z4.fsf@gnu.org> <87frgorfqa.fsf@fifthhorseman.net> <86ldqdrv95.fsf@gnu.org> Date: Tue, 03 Jun 2025 11:32:36 +0200 Message-ID: <87o6v5b26j.fsf_-_@gmail.com> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-Spam-Score: 0.0 (/) X-Debbugs-Envelope-To: 78448 Cc: eric@ericabrahamsen.net, 78448@debbugs.gnu.org, rms@gnu.org, Daniel Kahn Gillmor X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -1.0 (-) >>>>> On Sat, 31 May 2025 12:21:10 +0300, Eli Zaretskii said: Eli> Ping! Eric, would you please chime in and comment on the Eli> patch? I=CA=BCm not Eric, but I have comments and questions below Daniel> These three patches appear to do the trick for me. I'm not an = elisp Daniel> guru or a gnus expert. I'm happy to hear any feedback about ho= w they Daniel> could be improved. Daniel> Regards, Daniel> --dkg Daniel> From 81c3e7f5de0bbb24bbd2a2b43a103fb83c530f6d Mon Sep 17 00:00:= 00 2001 Daniel> From: Daniel Kahn Gillmor Daniel> Date: Thu, 15 May 2025 21:49:32 -0400 Daniel> Subject: [PATCH 1/3] mml: Pass likely headers through to mml-se= c functions Daniel> By pre-computing the likely headers for an outbound message, an= d passing Daniel> them along as a tag in mml-parse, we create an opportunity to p= rovide Daniel> Header Protection as described in Daniel> https://datatracker.ietf.org/doc/draft-ietf-lamps-header-protec= tion/ Is this necessary for unobtrusive signatures to work? If it=CA=BCs to enable future functionality I=CA=BCd rather leave it out. Daniel> Signed-off-by: Daniel Kahn Gillmor We don=CA=BCt use Signed-off-by (and I think a change of this size probably requires copyright assignment). Daniel> --- Daniel> lisp/gnus/mml.el | 17 +++++++++++++++++ Daniel> 1 file changed, 17 insertions(+) Daniel> diff --git a/lisp/gnus/mml.el b/lisp/gnus/mml.el Daniel> index 51d8d2c3769..11a8de7c011 100644 Daniel> --- a/lisp/gnus/mml.el Daniel> +++ b/lisp/gnus/mml.el Daniel> @@ -265,6 +265,8 @@ part. This is for the internal use, you sh= ould never modify the value.") Daniel> (apply #'mml-insert-tag Daniel> secure-mode Daniel> `(,@tags Daniel> + ,"likely-headers" Daniel> + ,(mml-get-likely-headers) Daniel> ,(if keyfile "keyfile") Daniel> ,keyfile Daniel> ,@(apply #'append Daniel> @@ -492,6 +494,21 @@ If MML is non-nil, return the buffer up ti= ll the correspondent mml tag." Daniel> (declare-function libxml-parse-html-region "xml.c" Daniel> (start end &optional base-url discard-comments)) =20 Daniel> +(defun mml-get-likely-headers () Daniel> + "Get likely final headers from the existing message" Daniel> + (save-excursion Daniel> + (save-restriction Daniel> + (message-narrow-to-headers-or-head) Daniel> + (let ((x (buffer-substring (point-min) (point-max)))) Daniel> + (with-temp-buffer Daniel> + (insert x) Daniel> + (message-remove-header "Bcc") Daniel> + (message-remove-header message-ignored-mail-headers = t) Daniel> + (mail-encode-encoded-word-buffer) Daniel> + (message-cleanup-headers) Daniel> + (buffer-string) Daniel> + ))))) Daniel> + `with-output-to-string' is what you=CA=BCre looking for here, I think. Daniel> (defun mml-generate-mime (&optional multipart-type content-typ= e) Daniel> "Generate a MIME message based on the current MML document. Daniel> MULTIPART-TYPE defaults to \"mixed\", but can also Daniel> --=20 Daniel> 2.47.2 Daniel> From 75f8c5c936deafea1ee44edad5e0f530ec6c4dfc Mon Sep 17 00:00:= 00 2001 Daniel> From: Daniel Kahn Gillmor Daniel> Date: Thu, 15 May 2025 21:54:06 -0400 Daniel> Subject: [PATCH 2/3] mml: Enable production of Unobtrusive Sign= atures via epg Daniel> https://datatracker.ietf.org/doc/draft-gallagher-email-invisibl= e-signatures/ Daniel> describes a mechanism to produce cleartext signatures over MIME= messages Daniel> that are less likely to cause problems than traditional PGP/MIM= E. Daniel> With this patch, it's possible to produce those signatures with: Daniel> (mml-secure-message "unobtrusive" 'sign) Daniel> This patch only works with epg, not with mailcrypt or pgg, beca= use epg Daniel> is what i'm familiar with and what i can easily test. pgg is marked obsolete, and I think mailcrypt is external, so that=CA=BCs ok. Daniel> Signed-off-by: Daniel Kahn Gillmor Daniel> --- Daniel> lisp/gnus/mml-sec.el | 6 ++++++ Daniel> lisp/gnus/mml2015.el | 39 ++++++++++++++++++++++++++++++++++++= +++ Daniel> 2 files changed, 45 insertions(+) Daniel> diff --git a/lisp/gnus/mml-sec.el b/lisp/gnus/mml-sec.el Daniel> index 8dffcf872f3..6fb82836e9a 100644 Daniel> --- a/lisp/gnus/mml-sec.el Daniel> +++ b/lisp/gnus/mml-sec.el Daniel> @@ -34,6 +34,7 @@ Daniel> (autoload 'mail-strip-quoted-names "mail-utils") Daniel> (autoload 'mml2015-sign "mml2015") Daniel> (autoload 'mml2015-encrypt "mml2015") Daniel> +(autoload 'mml-unobtrusive-sign "mml2015") Daniel> (autoload 'mml1991-sign "mml1991") Daniel> (autoload 'mml1991-encrypt "mml1991") Daniel> (autoload 'message-fetch-field "message") Daniel> @@ -56,6 +57,7 @@ Daniel> '(("smime" mml-smime-sign-buffer mml-smime-sign-quer= y) Daniel> ("pgp" mml-pgp-sign-buffer list) Daniel> ("pgpauto" mml-pgpauto-sign-buffer list) Daniel> + ("unobtrusive" mml-unobtrusive-sign-buffer list) Daniel> ("pgpmime" mml-pgpmime-sign-buffer list)) Daniel> "Alist of MIME signer functions.") =20 Daniel> @@ -198,6 +200,10 @@ You can also customize or set `mml-signenc= rypt-style-alist' instead." Daniel> (or (mml2015-sign cont) Daniel> (error "Signing failed... inspect message logs for error= s"))) =20 Daniel> +(defun mml-unobtrusive-sign-buffer (cont) Daniel> + (or (mml-unobtrusive-sign cont) Daniel> + (error "Signing failed... inspect message logs for error= s"))) Daniel> + Daniel> (defun mml-pgpmime-encrypt-buffer (cont &optional sign) Daniel> (or (mml2015-encrypt cont sign) Daniel> (error "Encryption failed... inspect message logs for er= rors"))) Daniel> diff --git a/lisp/gnus/mml2015.el b/lisp/gnus/mml2015.el Daniel> index a46aa68f56a..646fb018a31 100644 Daniel> --- a/lisp/gnus/mml2015.el Daniel> +++ b/lisp/gnus/mml2015.el Daniel> @@ -25,6 +25,9 @@ Daniel> ;; RFC 2015 is updated by RFC 3156, this file should be compat= ible Daniel> ;; with both. =20 Daniel> +;; This is also capable of producing unobtrusive signatures ba= sed on Daniel> +;; draft-gallagher-email-unobtrusive-signatures Daniel> + Daniel> ;;; Code: =20 Daniel> (eval-when-compile (require 'cl-lib)) Daniel> @@ -945,6 +948,42 @@ If set, it overrides the setting of `mml20= 15-sign-with-sender'." Daniel> (insert (format "--%s--\n" boundary)) Daniel> (goto-char (point-max)))) =20 Daniel> +;;; Unobtrusive Signatures, see: Daniel> +;;; https://datatracker.ietf.org/doc/draft-gallagher-email-uno= btrusive-signatures/ Daniel> + Daniel> +; convert ASCII-armored PGP SIGNATURE block to base64-encoded = with FWS Daniel> +; at the start of each line: Daniel> +(defun pgpsig-armor-to-wrapped-b64 (s) Daniel> + (string-join Daniel> + (string-split Daniel> + (string-trim-right Daniel> + (string-trim-left s "-----BEGIN PGP SIGNATURE-----\n\\(?:= [^\n]+\n\\)*\n") Daniel> + "\n\\(?:=3D....\n\\)?-----END PGP SIGNATURE-----\n?") Daniel> + "\n") Daniel> + "\n ")) Daniel> + Daniel> +(defun mml-unobtrusive-sign (cont) Daniel> + (goto-char (point-min)) Daniel> + (insert (cdr (assq 'likely-headers cont))) Daniel> + (re-search-forward "^Content-Type: [^\n]*\\(\n[ \t][^\n]*$\\= )*") Daniel> + (insert "; hp=3D\"clear\"") Daniel> + (re-search-forward "^") I think that=CA=BCs better expressed as: (forward-line 1) Also, what is the chance that this will end up inserting certain headers twice? Robert --=20 From debbugs-submit-bounces@debbugs.gnu.org Fri Jun 06 16:32:32 2025 Received: (at 78448) by debbugs.gnu.org; 6 Jun 2025 20:32:32 +0000 Received: from localhost ([127.0.0.1]:45538 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1uNdjs-0001sf-6u for submit@debbugs.gnu.org; Fri, 06 Jun 2025 16:32:32 -0400 Received: from che.mayfirst.org ([2001:470:1:116::7]:42059) by debbugs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.84_2) (envelope-from ) id 1uNdjo-0001sP-Rp for 78448@debbugs.gnu.org; Fri, 06 Jun 2025 16:32:30 -0400 DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/simple; d=fifthhorseman.net; i=@fifthhorseman.net; q=dns/txt; s=2019; t=1749241947; h=from : to : cc : subject : in-reply-to : references : date : message-id : mime-version : content-type : from; bh=24R+YBpyqxtnc9ykoLePFtR7eXXbF2jR4UH38U+3knM=; b=7OJieegbXOp2mVjSo4KuRfGOBhbepjktSEt4HW4t74MrhyIK6m4No1984Ob7W4jdiPwEy rfPwPTnGkysE60uCA== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=fifthhorseman.net; i=@fifthhorseman.net; q=dns/txt; s=2019rsa; t=1749241947; h=from : to : cc : subject : in-reply-to : references : date : message-id : mime-version : content-type : from; bh=24R+YBpyqxtnc9ykoLePFtR7eXXbF2jR4UH38U+3knM=; b=eZVBKyE1J425A07ATnvJP/aJJDvbLSpdn+cW/4xme8F0SBgH6hC/fgwxPpdTWY7/rtc4i JfztekY33GP6+ueYgosO4Jt2+cSkExUqRAvL09X1pvu5igKCrOM3bcjZKa6YVpbWEhK668j lUBDttZHQ5nSZxo6kx/RjdPeGp8F62NvKgXBlbXvJbuEs7N5DI42lsxYUM2GvbOkbgce5A3 x9pnvmOum02A38+idYFraqAKE9+5m4TbspQno55TucfbSSablvPp2ASzBrAxoYCEDfQphyz ddxgNVHpN9rf6yD6QedzurWNo7hOP58XoPBklzOCQtV8cwshioo+vs9EFfbA== Received: from fifthhorseman.net (AMERICAN-CI.ear2.NewYork6.Level3.net [4.59.214.2]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384) (No client certificate requested) by che.mayfirst.org (Postfix) with ESMTPSA id B6780F9B3; Fri, 6 Jun 2025 16:32:27 -0400 (EDT) Received: by fifthhorseman.net (Postfix, from userid 1000) id B932213F6C3; Fri, 06 Jun 2025 16:32:18 -0400 (EDT) From: Daniel Kahn Gillmor To: Robert Pluim , Eli Zaretskii Subject: Re: bug#78448: 30.1; mml: Produce Unobtrusive Signatures In-Reply-To: <87o6v5b26j.fsf_-_@gmail.com> References: <87a57dciom.fsf@fifthhorseman.net> <86v7pzv8z4.fsf@gnu.org> <87frgorfqa.fsf@fifthhorseman.net> <86ldqdrv95.fsf@gnu.org> <87o6v5b26j.fsf_-_@gmail.com> Autocrypt: addr=dkg@fifthhorseman.net; prefer-encrypt=mutual; keydata= xjMEZXEJyxYJKwYBBAHaRw8BAQdA5BpbW0bpl5qCng/RiqwhQINrplDMSS5JsO/YO+5Zi7HNFzxk a2dAZmlmdGhob3JzZW1hbi5uZXQ+wsARBBMWCgB5AwsJB0cUAAAAAAAeACBzYWx0QG5vdGF0aW9u cy5zZXF1b2lhLXBncC5vcmcS78JIJ7JbALqPiKEmva7/Pp16WwXWm9hbe5+B/UvnfwMVCggCmwEC HgEWIQTUdwQMcMIValwphUm7fpEBSV5r9wUCZadfkAUJBdnwRQAKCRC7fpEBSV5r9yNXAP442N0c zvisBroQSKKpo+OWm2JpnEJWoVheeJvoRtkBGQEA+edHylby8IGcNccq7rmM2rAXdofvrU1o6qow V+mmDwbOMwRnio4OFgkrBgEEAdpHDwEBB0Cw9HzJFl9lZn3UBaUqSMSgxjcdbd0MwNVcGZ8t8wdN EcLAvwQYFgoBMQWCZ4qODgkQu36RAUlea/dHFAAAAAAAHgAgc2FsdEBub3RhdGlvbnMuc2VxdW9p YS1wZ3Aub3JnhcN+tn41cAg01Kk56zcAfpdsh8j98PDe00mqKPfFvaYCmwK+oAQZFgoAbwWCZ4qO DgkQeAuFTtnCtJZHFAAAAAAAHgAgc2FsdEBub3RhdGlvbnMuc2VxdW9pYS1wZ3Aub3JnxsD8Sk5P Wgx8c/Zseo6OlCjyDC+Ogm17gTaUUIpxjWYWIQRjrBGOWy5dZsiKhad4C4VO2cK0lgAAdcQA/1RG dmrmvVxkBY2qNPjtERNwPga8Pf4IdlenrZ03NXM4AQC+TDHMpD7d5obEvUy8GYI3oThzYItPP8vv ChY+wbaIBRYhBNR3BAxwwhVqXCmFSbt+kQFJXmv3AAAKbgD+K1MZXnRKPdmA8DgNysyGRZY8cSVH HQcC7ZAAtV3i2+wA/0CyOYrbFYbyTRALgoERR07OHFoP+fJopQLMNQARVUELzjgEZ4qN+RIKKwYB BAGXVQEFAQEHQDTGlR+Qmn334e+bPqvojJVdFsiBf0leAAHP+ESqop8NAwEIB8LAAAQYFgoAcgWC Z4qN+QkQu36RAUlea/dHFAAAAAAAHgAgc2FsdEBub3RhdGlvbnMuc2VxdW9pYS1wZ3Aub3JnA5Lw b3wOOcoodImuVNw4PYq1U65FDC1Q2JMFIcJXqF0CmwwWIQTUdwQMcMIValwphUm7fpEBSV5r9wAA 6egA/j3QANSmogZ5VTF5KlI+BBye9ud/w9j7RLcCHU6u8AA1AQC3FGaNuv+uWOSa+eeEoI/aZrGd X5el8b/m6aXDDxDjDg== Date: Fri, 06 Jun 2025 16:32:18 -0400 Message-ID: <87h60spq5p.fsf@fifthhorseman.net> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="=-=-="; X-Spam-Score: 0.0 (/) X-Debbugs-Envelope-To: 78448 Cc: eric@ericabrahamsen.net, 78448@debbugs.gnu.org, rms@gnu.org X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -1.0 (-) --=-=-= Sig: t=p; b=iHUEARYKAB0WIQRjrBGOWy5dZsiKhad4C4VO2cK0lgUCaENQUgAKCRB4C4VO2cK0 lqcwAQDHSzQxBCAHqA12CufL391Tw8hUq5s/7GCUA1fMJSNcSAD/cB07PWRp6lHn MafgnnzgMYaSJ16aItgfHhZzQ3ssSAA= From: Daniel Kahn Gillmor To: Robert Pluim , Eli Zaretskii Cc: eric@ericabrahamsen.net, 78448@debbugs.gnu.org, rms@gnu.org Subject: Re: bug#78448: 30.1; mml: Produce Unobtrusive Signatures In-Reply-To: <87o6v5b26j.fsf_-_@gmail.com> References: <87a57dciom.fsf@fifthhorseman.net> <86v7pzv8z4.fsf@gnu.org> <87frgorfqa.fsf@fifthhorseman.net> <86ldqdrv95.fsf@gnu.org> <87o6v5b26j.fsf_-_@gmail.com> Autocrypt: addr=dkg@fifthhorseman.net; prefer-encrypt=mutual; keydata= xjMEZXEJyxYJKwYBBAHaRw8BAQdA5BpbW0bpl5qCng/RiqwhQINrplDMSS5JsO/YO+5Zi7HNFzxk a2dAZmlmdGhob3JzZW1hbi5uZXQ+wsARBBMWCgB5AwsJB0cUAAAAAAAeACBzYWx0QG5vdGF0aW9u cy5zZXF1b2lhLXBncC5vcmcS78JIJ7JbALqPiKEmva7/Pp16WwXWm9hbe5+B/UvnfwMVCggCmwEC HgEWIQTUdwQMcMIValwphUm7fpEBSV5r9wUCZadfkAUJBdnwRQAKCRC7fpEBSV5r9yNXAP442N0c zvisBroQSKKpo+OWm2JpnEJWoVheeJvoRtkBGQEA+edHylby8IGcNccq7rmM2rAXdofvrU1o6qow V+mmDwbOMwRnio4OFgkrBgEEAdpHDwEBB0Cw9HzJFl9lZn3UBaUqSMSgxjcdbd0MwNVcGZ8t8wdN EcLAvwQYFgoBMQWCZ4qODgkQu36RAUlea/dHFAAAAAAAHgAgc2FsdEBub3RhdGlvbnMuc2VxdW9p YS1wZ3Aub3JnhcN+tn41cAg01Kk56zcAfpdsh8j98PDe00mqKPfFvaYCmwK+oAQZFgoAbwWCZ4qO DgkQeAuFTtnCtJZHFAAAAAAAHgAgc2FsdEBub3RhdGlvbnMuc2VxdW9pYS1wZ3Aub3JnxsD8Sk5P Wgx8c/Zseo6OlCjyDC+Ogm17gTaUUIpxjWYWIQRjrBGOWy5dZsiKhad4C4VO2cK0lgAAdcQA/1RG dmrmvVxkBY2qNPjtERNwPga8Pf4IdlenrZ03NXM4AQC+TDHMpD7d5obEvUy8GYI3oThzYItPP8vv ChY+wbaIBRYhBNR3BAxwwhVqXCmFSbt+kQFJXmv3AAAKbgD+K1MZXnRKPdmA8DgNysyGRZY8cSVH HQcC7ZAAtV3i2+wA/0CyOYrbFYbyTRALgoERR07OHFoP+fJopQLMNQARVUELzjgEZ4qN+RIKKwYB BAGXVQEFAQEHQDTGlR+Qmn334e+bPqvojJVdFsiBf0leAAHP+ESqop8NAwEIB8LAAAQYFgoAcgWC Z4qN+QkQu36RAUlea/dHFAAAAAAAHgAgc2FsdEBub3RhdGlvbnMuc2VxdW9pYS1wZ3Aub3JnA5Lw b3wOOcoodImuVNw4PYq1U65FDC1Q2JMFIcJXqF0CmwwWIQTUdwQMcMIValwphUm7fpEBSV5r9wAA 6egA/j3QANSmogZ5VTF5KlI+BBye9ud/w9j7RLcCHU6u8AA1AQC3FGaNuv+uWOSa+eeEoI/aZrGd X5el8b/m6aXDDxDjDg== Date: Fri, 06 Jun 2025 16:32:18 -0400 Message-ID: <87h60spq5p.fsf@fifthhorseman.net> Content-Type: text/plain; charset=utf-8; hp="clear" Content-Transfer-Encoding: quoted-printable Hi Robert-- Thank you for the review! On Tue 2025-06-03 11:32:36 +0200, Robert Pluim wrote: > Daniel> By pre-computing the likely headers for an outbound message, = and passing > Daniel> them along as a tag in mml-parse, we create an opportunity to= provide > Daniel> Header Protection as described in > Daniel> https://datatracker.ietf.org/doc/draft-ietf-lamps-header-prot= ection/ > > Is this necessary for unobtrusive signatures to work? If it=CA=BCs to > enable future functionality I=CA=BCd rather leave it out. Yes, unobtrusive signatures are defined with header protection mandatory. Please see https://datatracker.ietf.org/doc/draft-gallagher-email-unobtrusive-signatur= es/ > We don=CA=BCt use Signed-off-by (and I think a change of this size probab= ly > requires copyright assignment). OK, feel fre to strip Signed-off-by when applying, that doesn't matter to me at all. I'm already in communication with assign@gnu.org about copyright assignment. > Daniel> +(defun mml-get-likely-headers () > Daniel> + "Get likely final headers from the existing message" > Daniel> + (save-excursion > Daniel> + (save-restriction > Daniel> + (message-narrow-to-headers-or-head) > Daniel> + (let ((x (buffer-substring (point-min) (point-max)))) > Daniel> + (with-temp-buffer > Daniel> + (insert x) > Daniel> + (message-remove-header "Bcc") > Daniel> + (message-remove-header message-ignored-mail-header= s t) > Daniel> + (mail-encode-encoded-word-buffer) > Daniel> + (message-cleanup-headers) > Daniel> + (buffer-string) > Daniel> + ))))) > Daniel> + > > `with-output-to-string' is what you=CA=BCre looking for here, I think. with-output-to-string seems to transform stdout (standard output) to a string. But i don't see what i'm doing above as using stdout. I thnk they're all manipulatig a buffer, which is why i've wrapped them in the various staging functions (save-excursion, save-restriction, with-temp-buffer). Which part should be replaced with with-output-to-string? > pgg is marked obsolete, and I think mailcrypt is external, so that=CA=BCs > ok. Thanks! That status was unclear to me. > Daniel> + (re-search-forward "^") > > I think that=CA=BCs better expressed as: > > (forward-line 1) Got it, thanks. > Also, what is the chance that this will end up inserting certain > headers twice? For a signed-only e-mail with header-protection, all of the headers that the generating MUA knows about will appear twice in the message: Once in the outer message header section (outside of the cryptographic envelope), and once in the cryptographic payload (so that they're covered by the signature). It's certainly possible to trim down the message size in the future by dropping header fields that we expect to be ignored in transit by MTAs. But i wouldn't try to do that until we're confident that most receiving MUAs will handle the signed header fields in the Cryptographic Payload. In practice, the cost of all duplicated header fields in aggregate is small compared to, say, a single attached jpg, a boilerplate disclaimer, or (depending on the algorithm) even the signature itself. So I'm not particularly concerned about size. Regards, --dkg --=-=-=-- From debbugs-submit-bounces@debbugs.gnu.org Mon Jun 09 08:45:36 2025 Received: (at 78448) by debbugs.gnu.org; 9 Jun 2025 12:45:36 +0000 Received: from localhost ([127.0.0.1]:54205 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1uObsd-0003j8-E0 for submit@debbugs.gnu.org; Mon, 09 Jun 2025 08:45:35 -0400 Received: from mail-wm1-x32d.google.com ([2a00:1450:4864:20::32d]:61670) by debbugs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.84_2) (envelope-from ) id 1uObsZ-0003iq-4R for 78448@debbugs.gnu.org; Mon, 09 Jun 2025 08:45:32 -0400 Received: by mail-wm1-x32d.google.com with SMTP id 5b1f17b1804b1-43cfe63c592so49515265e9.2 for <78448@debbugs.gnu.org>; Mon, 09 Jun 2025 05:45:31 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1749473125; x=1750077925; darn=debbugs.gnu.org; h=content-transfer-encoding:mime-version:message-id:date:references :in-reply-to:subject:cc:to:from:from:to:cc:subject:date:message-id :reply-to; bh=G5xyMIqAXzDlXXEKvFADHT9P0UuYlXkIZ8JYpCzOl0k=; b=X+ZgMfiKQ8gNSmIoYVjEbJc5gKoq20hdwM9upvNiypx/GfGdxQanVBpVmv9StlHbJG V4B39UcXbYptHf9c6ZTBPYnxWyO0EO9diPVmEcdv1t+t5RT0TeEbisWT/qrDz00r+9eR NAXoFpp5fh3/1E8vMnJjhnE7JaWgTOglAqKp0hL5vD4DVep4f3t49cq12VVfT3nICyov A5hnYTuJWxAnU7ZiB2Tu6pxqG5ScU2w1dvtGQJVnF2HIPUPC+K89Db9Zz7DEIbTwZtmb BSVrGrbkQodkTyQAMNpRXSXO7KBNgK1CWQQMMPV2rQQcvv/f2fg5JpgJe6xyGyMyUck/ 8SlQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1749473125; x=1750077925; h=content-transfer-encoding:mime-version:message-id:date:references :in-reply-to:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=G5xyMIqAXzDlXXEKvFADHT9P0UuYlXkIZ8JYpCzOl0k=; b=aUQxVKz2R1XffstC/oIxMBF8F9vBwEGGC4l1TlZM7PmPl0yz24dY7hACAb/v5pzrcm 4NCyJAgARv9I7wvDrfhGkWCuzZqGZ3PxlIGbs6mrbGYFTI1ZN7dMbX9dBvaFz6axlPKz rlQZProDfCeWrKXyra2QhSJXKRWpUDl57t8Zms8Vf6WE1eBYUqMxMdJNLoRWpAdpC83F SeIn3UEmwBfDr1yOttQy1kw9bNytjP1v1e5lHxlYza4hVF3ZdAUR4i8FidtKrMcde1k5 Q39G34N024ZvuORHUjEf+Az4iHR5VsxOLsszCRjtQbN7s2vLr8xAi9g33Ih4eK9m0Iny hEcg== X-Forwarded-Encrypted: i=1; AJvYcCXjZVDR2MU2GvvQzkjbHQvTji/hZ87lKLNCGCsRtPCWWjDWOQtPE59RsNw6iQ62jFUq7esAsw==@debbugs.gnu.org X-Gm-Message-State: AOJu0YyRbwoCsZcgdnIsExlEqI51aeL5WhQp/FPcYZydGGNEcMIC2ni8 9g7HuQZLRZ0ShFTVZOx/V358AQS9mg/CCludJ2tnXv/SibObvXDc2oFog4vor2dK X-Gm-Gg: ASbGncsXK8K0cZIT0SlWZPX1kD/bIADbrNX+n7V8DW8ACkP2zegBEbEKuopiBrIpgRS yS9i6PLehR13md1zYxrtcyYrT+R0bIwuzymfpLCjjDD3A+Mte7GT4KEVQtnz0bdhV8ctrQ4YrcX e+RKV6+HpOsBK+pQF0ek6QPP/IUD/Z9viJLLyVAseKo/YAECdJopfhsAm38ggYbt77n+3XvQj7u KWyyEn4A/YdWtJh6jZnY99ntUI4vVsdDdXNs95OY/qNNHmN8pnPdCc6lc6tCeY1vzYzXtafesvr lozN/+NJ1e3ud1BoNho4COVoRO4ebQyxVU5brRkmxA7z9kp6 X-Google-Smtp-Source: AGHT+IGlOSjar74ZUtUJscgQZpjkann/zCAhxTTtAZWb0nwOkPH2hndvtZh66tI8jk7LwQFuC3w/7w== X-Received: by 2002:a05:6000:4313:b0:3a5:25e4:264f with SMTP id ffacd0b85a97d-3a531cb01acmr10729364f8f.31.1749473124635; Mon, 09 Jun 2025 05:45:24 -0700 (PDT) Received: from rltb ([2a01:e0a:3f3:fb51:5c8d:25ac:a59:60fb]) by smtp.gmail.com with ESMTPSA id ffacd0b85a97d-3a53229dc33sm9391859f8f.20.2025.06.09.05.45.24 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 09 Jun 2025 05:45:24 -0700 (PDT) From: Robert Pluim To: Daniel Kahn Gillmor Subject: Re: bug#78448: 30.1; mml: Produce Unobtrusive Signatures In-Reply-To: <87h60spq5p.fsf@fifthhorseman.net> References: <87a57dciom.fsf@fifthhorseman.net> <86v7pzv8z4.fsf@gnu.org> <87frgorfqa.fsf@fifthhorseman.net> <86ldqdrv95.fsf@gnu.org> <87o6v5b26j.fsf_-_@gmail.com> <87h60spq5p.fsf@fifthhorseman.net> Date: Mon, 09 Jun 2025 14:45:23 +0200 Message-ID: <871prtqe1o.fsf@gmail.com> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-Spam-Score: 0.0 (/) X-Debbugs-Envelope-To: 78448 Cc: eric@ericabrahamsen.net, 78448@debbugs.gnu.org, Eli Zaretskii , rms@gnu.org X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -1.0 (-) >>>>> On Fri, 06 Jun 2025 16:32:18 -0400, Daniel Kahn Gillmor said: Daniel> Hi Robert-- Daniel> Thank you for the review! Daniel> On Tue 2025-06-03 11:32:36 +0200, Robert Pluim wrote: Daniel> By pre-computing the likely headers for an outbound message, an= d passing Daniel> them along as a tag in mml-parse, we create an opportunity to p= rovide Daniel> Header Protection as described in Daniel> https://datatracker.ietf.org/doc/draft-ietf-lamps-header-protec= tion/ >>=20 >> Is this necessary for unobtrusive signatures to work? If it=CA=BCs to >> enable future functionality I=CA=BCd rather leave it out. Daniel> Yes, unobtrusive signatures are defined with header protection Daniel> mandatory. OK, it=CA=BCs just that the wording sounded like future work. Daniel> Please see Daniel> https://datatracker.ietf.org/doc/draft-gallagher-email-unobtrus= ive-signatures/ >> We don=CA=BCt use Signed-off-by (and I think a change of this size p= robably >> requires copyright assignment). Daniel> OK, feel fre to strip Signed-off-by when applying, that doesn't= matter Daniel> to me at all. I'm already in communication with assign@gnu.org= about Daniel> copyright assignment. OK. It=CA=BCs just slightly annoying, because our default commit hooks refuse Signed-off-by. But I=CA=BCll probably need to edit the commit message anyway. Daniel> +(defun mml-get-likely-headers () Daniel> + "Get likely final headers from the existing message" Daniel> + (save-excursion Daniel> + (save-restriction Daniel> + (message-narrow-to-headers-or-head) Daniel> + (let ((x (buffer-substring (point-min) (point-max)))) Daniel> + (with-temp-buffer Daniel> + (insert x) Daniel> + (message-remove-header "Bcc") Daniel> + (message-remove-header message-ignored-mail-headers = t) Daniel> + (mail-encode-encoded-word-buffer) Daniel> + (message-cleanup-headers) Daniel> + (buffer-string) Daniel> + ))))) Daniel> + >>=20 >> `with-output-to-string' is what you=CA=BCre looking for here, I thin= k. Daniel> with-output-to-string seems to transform stdout (standard outpu= t) to a Daniel> string. But i don't see what i'm doing above as using stdout. = I thnk Daniel> they're all manipulatig a buffer, which is why i've wrapped the= m in the Daniel> various staging functions (save-excursion, save-restriction, Daniel> with-temp-buffer). Which part should be replaced with Daniel> with-output-to-string? You could use it instead of `with-temp-buffer', but it=CA=BCs not a major point. >> Also, what is the chance that this will end up inserting certain >> headers twice? Daniel> For a signed-only e-mail with header-protection, all of the hea= ders that Daniel> the generating MUA knows about will appear twice in the message= : Once in Daniel> the outer message header section (outside of the cryptographic Daniel> envelope), and once in the cryptographic payload (so that they'= re Daniel> covered by the signature). Thanks, I=CA=BCd missed that the headers were repeated in a separate part. I don=CA=BCt think it will be an issue. Daniel> It's certainly possible to trim down the message size in the fu= ture by Daniel> dropping header fields that we expect to be ignored in transit = by MTAs. Daniel> But i wouldn't try to do that until we're confident that most r= eceiving Daniel> MUAs will handle the signed header fields in the Cryptographic = Payload. Daniel> In practice, the cost of all duplicated header fields in aggreg= ate is Daniel> small compared to, say, a single attached jpg, a boilerplate di= sclaimer, Daniel> or (depending on the algorithm) even the signature itself. So = I'm not Daniel> particularly concerned about size. I just tried it, I needed the small patch below to get it to compile without warnings. What goes out on the wire to gmail looks correct, and what=CA=BCs stored there is correct as well. I can=CA=BCt see the Sig header in Gnus, but maybe that=CA=BCs Gnus not parsing the message correctly :-) Robert --=20 diff --git a/lisp/gnus/mml.el b/lisp/gnus/mml.el index 972f1bce0a1..cfe4709f275 100644 --- a/lisp/gnus/mml.el +++ b/lisp/gnus/mml.el @@ -494,6 +494,9 @@ mml-inhibit-compute-boundary (declare-function libxml-parse-html-region "xml.c" (start end &optional base-url discard-comments)) =20 +(defvar message-ignored-mail-headers) +(declare-function message-cleanup-headers "message") + (defun mml-get-likely-headers () "Get likely final headers from the existing message" (save-excursion From debbugs-submit-bounces@debbugs.gnu.org Mon Jun 09 18:54:12 2025 Received: (at 78448) by debbugs.gnu.org; 9 Jun 2025 22:54:12 +0000 Received: from localhost ([127.0.0.1]:58496 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1uOlNc-0002cW-54 for submit@debbugs.gnu.org; Mon, 09 Jun 2025 18:54:12 -0400 Received: from che.mayfirst.org ([2001:470:1:116::7]:58393) by debbugs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.84_2) (envelope-from ) id 1uOlNY-0002c0-QD for 78448@debbugs.gnu.org; Mon, 09 Jun 2025 18:54:10 -0400 DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/simple; d=fifthhorseman.net; i=@fifthhorseman.net; q=dns/txt; s=2019; t=1749509647; h=from : to : cc : subject : in-reply-to : references : date : message-id : mime-version : content-type : from; bh=9RDiJHsFmyd/4S9jJ3wCl4qoerO0wTYbHHWCyt5eQYY=; b=0j+GIpyACTUu93ZuoF8NvN5+v72m+qD450MGUI1ixSZxiuR1EvQ0P3GA1/PmTO70pY4AY SMICu/9uw0ZhRbUDg== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=fifthhorseman.net; i=@fifthhorseman.net; q=dns/txt; s=2019rsa; t=1749509647; h=from : to : cc : subject : in-reply-to : references : date : message-id : mime-version : content-type : from; bh=9RDiJHsFmyd/4S9jJ3wCl4qoerO0wTYbHHWCyt5eQYY=; b=CEaOuR2LIBBZyXs0dIt98StxCYFcBSHZQSvAoEKQPwvgeaIgHtsUPwwb7fpn6mvw6D0jx QD9opt3sDS1tlAIMdJpi+iiNrPdJyxskqsL8eMVV3Dz7WSrHh6jp/3LtghDooeJVvsanxfj X40j/4gc7nL7IDXFUzL9nd1zk3nTgBvLx4wLE/vaoPMqXEVriv2/eUR3+l9p42Ayyzx5fTg PVUV7ysArzpZ+/fEkbz9MNPhmGJeVZ1EjgiPCf/3kUQkBfO2V9dlT1sgAmE81D4IOhpaIEV C8IJBo19ySAQytwsuoQ91bF/ey2uGrckAGGzVHHGFzNSybt+q4nmQBu2HzEQ== Received: from fifthhorseman.net (AMERICAN-CI.ear2.NewYork6.Level3.net [4.59.214.2]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384) (No client certificate requested) by che.mayfirst.org (Postfix) with ESMTPSA id BE7E1F9B1; Mon, 9 Jun 2025 18:54:07 -0400 (EDT) Received: by fifthhorseman.net (Postfix, from userid 1000) id F3C0D13F6AD; Mon, 09 Jun 2025 18:54:02 -0400 (EDT) From: Daniel Kahn Gillmor To: Robert Pluim Subject: Re: bug#78448: 30.1; mml: Produce Unobtrusive Signatures In-Reply-To: <871prtqe1o.fsf@gmail.com> References: <87a57dciom.fsf@fifthhorseman.net> <86v7pzv8z4.fsf@gnu.org> <87frgorfqa.fsf@fifthhorseman.net> <86ldqdrv95.fsf@gnu.org> <87o6v5b26j.fsf_-_@gmail.com> <87h60spq5p.fsf@fifthhorseman.net> <871prtqe1o.fsf@gmail.com> Autocrypt: addr=dkg@fifthhorseman.net; prefer-encrypt=mutual; keydata= xjMEZXEJyxYJKwYBBAHaRw8BAQdA5BpbW0bpl5qCng/RiqwhQINrplDMSS5JsO/YO+5Zi7HNFzxk a2dAZmlmdGhob3JzZW1hbi5uZXQ+wsARBBMWCgB5AwsJB0cUAAAAAAAeACBzYWx0QG5vdGF0aW9u cy5zZXF1b2lhLXBncC5vcmcS78JIJ7JbALqPiKEmva7/Pp16WwXWm9hbe5+B/UvnfwMVCggCmwEC HgEWIQTUdwQMcMIValwphUm7fpEBSV5r9wUCZadfkAUJBdnwRQAKCRC7fpEBSV5r9yNXAP442N0c zvisBroQSKKpo+OWm2JpnEJWoVheeJvoRtkBGQEA+edHylby8IGcNccq7rmM2rAXdofvrU1o6qow V+mmDwbOMwRnio4OFgkrBgEEAdpHDwEBB0Cw9HzJFl9lZn3UBaUqSMSgxjcdbd0MwNVcGZ8t8wdN EcLAvwQYFgoBMQWCZ4qODgkQu36RAUlea/dHFAAAAAAAHgAgc2FsdEBub3RhdGlvbnMuc2VxdW9p YS1wZ3Aub3JnhcN+tn41cAg01Kk56zcAfpdsh8j98PDe00mqKPfFvaYCmwK+oAQZFgoAbwWCZ4qO DgkQeAuFTtnCtJZHFAAAAAAAHgAgc2FsdEBub3RhdGlvbnMuc2VxdW9pYS1wZ3Aub3JnxsD8Sk5P Wgx8c/Zseo6OlCjyDC+Ogm17gTaUUIpxjWYWIQRjrBGOWy5dZsiKhad4C4VO2cK0lgAAdcQA/1RG dmrmvVxkBY2qNPjtERNwPga8Pf4IdlenrZ03NXM4AQC+TDHMpD7d5obEvUy8GYI3oThzYItPP8vv ChY+wbaIBRYhBNR3BAxwwhVqXCmFSbt+kQFJXmv3AAAKbgD+K1MZXnRKPdmA8DgNysyGRZY8cSVH HQcC7ZAAtV3i2+wA/0CyOYrbFYbyTRALgoERR07OHFoP+fJopQLMNQARVUELzjgEZ4qN+RIKKwYB BAGXVQEFAQEHQDTGlR+Qmn334e+bPqvojJVdFsiBf0leAAHP+ESqop8NAwEIB8LAAAQYFgoAcgWC Z4qN+QkQu36RAUlea/dHFAAAAAAAHgAgc2FsdEBub3RhdGlvbnMuc2VxdW9pYS1wZ3Aub3JnA5Lw b3wOOcoodImuVNw4PYq1U65FDC1Q2JMFIcJXqF0CmwwWIQTUdwQMcMIValwphUm7fpEBSV5r9wAA 6egA/j3QANSmogZ5VTF5KlI+BBye9ud/w9j7RLcCHU6u8AA1AQC3FGaNuv+uWOSa+eeEoI/aZrGd X5el8b/m6aXDDxDjDg== Date: Mon, 09 Jun 2025 18:54:01 -0400 Message-ID: <87o6uwzfue.fsf@fifthhorseman.net> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="==-=-="; X-Spam-Score: 0.0 (/) X-Debbugs-Envelope-To: 78448 Cc: eric@ericabrahamsen.net, 78448@debbugs.gnu.org, Eli Zaretskii , rms@gnu.org X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -1.0 (-) --==-=-= Sig: t=p; b=iHUEARYKAB0WIQRjrBGOWy5dZsiKhad4C4VO2cK0lgUCaEdmCgAKCRB4C4VO2cK0 lmwXAP9hn01jbdSzqpBbX15yzE1bBr8YTxUQCHYs4vzBsXYzOQD+PP6V2j6wGSEo XaZU+gLRUo+HZwZd9TiYoe784gc4BAk= From: Daniel Kahn Gillmor To: Robert Pluim Cc: Eli Zaretskii , eric@ericabrahamsen.net, 78448@debbugs.gnu.org, rms@gnu.org Subject: Re: bug#78448: 30.1; mml: Produce Unobtrusive Signatures In-Reply-To: <871prtqe1o.fsf@gmail.com> References: <87a57dciom.fsf@fifthhorseman.net> <86v7pzv8z4.fsf@gnu.org> <87frgorfqa.fsf@fifthhorseman.net> <86ldqdrv95.fsf@gnu.org> <87o6v5b26j.fsf_-_@gmail.com> <87h60spq5p.fsf@fifthhorseman.net> <871prtqe1o.fsf@gmail.com> Autocrypt: addr=dkg@fifthhorseman.net; prefer-encrypt=mutual; keydata= xjMEZXEJyxYJKwYBBAHaRw8BAQdA5BpbW0bpl5qCng/RiqwhQINrplDMSS5JsO/YO+5Zi7HNFzxk a2dAZmlmdGhob3JzZW1hbi5uZXQ+wsARBBMWCgB5AwsJB0cUAAAAAAAeACBzYWx0QG5vdGF0aW9u cy5zZXF1b2lhLXBncC5vcmcS78JIJ7JbALqPiKEmva7/Pp16WwXWm9hbe5+B/UvnfwMVCggCmwEC HgEWIQTUdwQMcMIValwphUm7fpEBSV5r9wUCZadfkAUJBdnwRQAKCRC7fpEBSV5r9yNXAP442N0c zvisBroQSKKpo+OWm2JpnEJWoVheeJvoRtkBGQEA+edHylby8IGcNccq7rmM2rAXdofvrU1o6qow V+mmDwbOMwRnio4OFgkrBgEEAdpHDwEBB0Cw9HzJFl9lZn3UBaUqSMSgxjcdbd0MwNVcGZ8t8wdN EcLAvwQYFgoBMQWCZ4qODgkQu36RAUlea/dHFAAAAAAAHgAgc2FsdEBub3RhdGlvbnMuc2VxdW9p YS1wZ3Aub3JnhcN+tn41cAg01Kk56zcAfpdsh8j98PDe00mqKPfFvaYCmwK+oAQZFgoAbwWCZ4qO DgkQeAuFTtnCtJZHFAAAAAAAHgAgc2FsdEBub3RhdGlvbnMuc2VxdW9pYS1wZ3Aub3JnxsD8Sk5P Wgx8c/Zseo6OlCjyDC+Ogm17gTaUUIpxjWYWIQRjrBGOWy5dZsiKhad4C4VO2cK0lgAAdcQA/1RG dmrmvVxkBY2qNPjtERNwPga8Pf4IdlenrZ03NXM4AQC+TDHMpD7d5obEvUy8GYI3oThzYItPP8vv ChY+wbaIBRYhBNR3BAxwwhVqXCmFSbt+kQFJXmv3AAAKbgD+K1MZXnRKPdmA8DgNysyGRZY8cSVH HQcC7ZAAtV3i2+wA/0CyOYrbFYbyTRALgoERR07OHFoP+fJopQLMNQARVUELzjgEZ4qN+RIKKwYB BAGXVQEFAQEHQDTGlR+Qmn334e+bPqvojJVdFsiBf0leAAHP+ESqop8NAwEIB8LAAAQYFgoAcgWC Z4qN+QkQu36RAUlea/dHFAAAAAAAHgAgc2FsdEBub3RhdGlvbnMuc2VxdW9pYS1wZ3Aub3JnA5Lw b3wOOcoodImuVNw4PYq1U65FDC1Q2JMFIcJXqF0CmwwWIQTUdwQMcMIValwphUm7fpEBSV5r9wAA 6egA/j3QANSmogZ5VTF5KlI+BBye9ud/w9j7RLcCHU6u8AA1AQC3FGaNuv+uWOSa+eeEoI/aZrGd X5el8b/m6aXDDxDjDg== Date: Mon, 09 Jun 2025 18:54:01 -0400 Message-ID: <87o6uwzfue.fsf@fifthhorseman.net> Content-Type: multipart/mixed; boundary="=-=-="; hp="clear" --=-=-= Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable On Mon 2025-06-09 14:45:23 +0200, Robert Pluim wrote: > I just tried it, I needed the small patch below to get it to compile > without warnings. [=E2=80=A6] > diff --git a/lisp/gnus/mml.el b/lisp/gnus/mml.el > index 972f1bce0a1..cfe4709f275 100644 > --- a/lisp/gnus/mml.el > +++ b/lisp/gnus/mml.el > @@ -494,6 +494,9 @@ mml-inhibit-compute-boundary > (declare-function libxml-parse-html-region "xml.c" > (start end &optional base-url discard-comments)) >=20=20 > +(defvar message-ignored-mail-headers) > +(declare-function message-cleanup-headers "message") > + > (defun mml-get-likely-headers () > "Get likely final headers from the existing message" > (save-excursion Thanks for this! I've updated the patch series to include your feedback, and to drop the Signed-off-by: lines that were interfering with the project expectations. I'm including the three revised patches here. Please let me know if you notice anything else that needs improvement. Regards, --dkg --=-=-= Content-Type: text/x-diff Content-Disposition: inline; filename=0001-mml-Pass-likely-headers-through-to-mml-sec-functions.patch Content-Transfer-Encoding: quoted-printable From=203a27bb0ce3a18eff2fd965a1f7da6a97a45a6744 Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Thu, 15 May 2025 21:49:32 -0400 Subject: [PATCH 1/3] mml: Pass likely headers through to mml-sec functions By pre-computing the likely headers for an outbound message, and passing them along as a tag in mml-parse, we create an opportunity to provide Header Protection as described in https://datatracker.ietf.org/doc/draft-ietf-lamps-header-protection/ =2D-- lisp/gnus/mml.el | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/lisp/gnus/mml.el b/lisp/gnus/mml.el index 51d8d2c3769..8e37dbe0bf6 100644 =2D-- a/lisp/gnus/mml.el +++ b/lisp/gnus/mml.el @@ -265,6 +265,8 @@ part. This is for the internal use, you should never m= odify the value.") (apply #'mml-insert-tag secure-mode `(,@tags + ,"likely-headers" + ,(mml-get-likely-headers) ,(if keyfile "keyfile") ,keyfile ,@(apply #'append @@ -492,6 +494,24 @@ If MML is non-nil, return the buffer up till the corre= spondent mml tag." (declare-function libxml-parse-html-region "xml.c" (start end &optional base-url discard-comments)) =20 +(defvar message-ignored-mail-headers) +(declare-function message-cleanup-headers "message") + +(defun mml-get-likely-headers () + "Get likely final headers from the existing message" + (save-excursion + (save-restriction + (message-narrow-to-headers-or-head) + (let ((x (buffer-substring (point-min) (point-max)))) + (with-temp-buffer + (insert x) + (message-remove-header "Bcc") + (message-remove-header message-ignored-mail-headers t) + (mail-encode-encoded-word-buffer) + (message-cleanup-headers) + (buffer-string) + ))))) + (defun mml-generate-mime (&optional multipart-type content-type) "Generate a MIME message based on the current MML document. MULTIPART-TYPE defaults to \"mixed\", but can also =2D-=20 2.47.2 --=-=-= Content-Type: text/x-diff Content-Disposition: inline; filename=0002-mml-Enable-production-of-Unobtrusive-Signatures-via-.patch Content-Transfer-Encoding: quoted-printable From=209b4beb63f36c7af2f7b5b63c8fd81f2ac7bc877e Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Thu, 15 May 2025 21:54:06 -0400 Subject: [PATCH 2/3] mml: Enable production of Unobtrusive Signatures via e= pg https://datatracker.ietf.org/doc/draft-gallagher-email-invisible-signatures/ describes a mechanism to produce cleartext signatures over MIME messages that are less likely to cause problems than traditional PGP/MIME. With this patch, it's possible to produce those signatures with: (mml-secure-message "unobtrusive" 'sign) This patch only works with epg, not with mailcrypt or pgg, because epg is what i'm familiar with and what i can easily test. =2D-- lisp/gnus/mml-sec.el | 6 ++++++ lisp/gnus/mml2015.el | 39 +++++++++++++++++++++++++++++++++++++++ 2 files changed, 45 insertions(+) diff --git a/lisp/gnus/mml-sec.el b/lisp/gnus/mml-sec.el index 8dffcf872f3..6fb82836e9a 100644 =2D-- a/lisp/gnus/mml-sec.el +++ b/lisp/gnus/mml-sec.el @@ -34,6 +34,7 @@ (autoload 'mail-strip-quoted-names "mail-utils") (autoload 'mml2015-sign "mml2015") (autoload 'mml2015-encrypt "mml2015") +(autoload 'mml-unobtrusive-sign "mml2015") (autoload 'mml1991-sign "mml1991") (autoload 'mml1991-encrypt "mml1991") (autoload 'message-fetch-field "message") @@ -56,6 +57,7 @@ '(("smime" mml-smime-sign-buffer mml-smime-sign-query) ("pgp" mml-pgp-sign-buffer list) ("pgpauto" mml-pgpauto-sign-buffer list) + ("unobtrusive" mml-unobtrusive-sign-buffer list) ("pgpmime" mml-pgpmime-sign-buffer list)) "Alist of MIME signer functions.") =20 @@ -198,6 +200,10 @@ You can also customize or set `mml-signencrypt-style-a= list' instead." (or (mml2015-sign cont) (error "Signing failed... inspect message logs for errors"))) =20 +(defun mml-unobtrusive-sign-buffer (cont) + (or (mml-unobtrusive-sign cont) + (error "Signing failed... inspect message logs for errors"))) + (defun mml-pgpmime-encrypt-buffer (cont &optional sign) (or (mml2015-encrypt cont sign) (error "Encryption failed... inspect message logs for errors"))) diff --git a/lisp/gnus/mml2015.el b/lisp/gnus/mml2015.el index a46aa68f56a..bbe6cec589f 100644 =2D-- a/lisp/gnus/mml2015.el +++ b/lisp/gnus/mml2015.el @@ -25,6 +25,9 @@ ;; RFC 2015 is updated by RFC 3156, this file should be compatible ;; with both. =20 +;; This is also capable of producing unobtrusive signatures based on +;; draft-gallagher-email-unobtrusive-signatures + ;;; Code: =20 (eval-when-compile (require 'cl-lib)) @@ -945,6 +948,42 @@ If set, it overrides the setting of `mml2015-sign-with= -sender'." (insert (format "--%s--\n" boundary)) (goto-char (point-max)))) =20 +;;; Unobtrusive Signatures, see: +;;; https://datatracker.ietf.org/doc/draft-gallagher-email-unobtrusive-sig= natures/ + +; convert ASCII-armored PGP SIGNATURE block to base64-encoded with FWS +; at the start of each line: +(defun pgpsig-armor-to-wrapped-b64 (s) + (string-join + (string-split + (string-trim-right + (string-trim-left s "-----BEGIN PGP SIGNATURE-----\n\\(?:[^\n]+\n\\)*= \n") + "\n\\(?:=3D....\n\\)?-----END PGP SIGNATURE-----\n?") + "\n") + "\n ")) + +(defun mml-unobtrusive-sign (cont) + (goto-char (point-min)) + (insert (cdr (assq 'likely-headers cont))) + (re-search-forward "^Content-Type: [^\n]*\\(\n[ \t][^\n]*$\\)*") + (insert "; hp=3D\"clear\"") + (forward-line 1) + (let* ((pair (mml-secure-epg-sign 'OpenPGP t)) + (signature (car pair))) + (unless (stringp signature) + (error "Signature failed")) + (goto-char (point-min)) + (insert (format "Sig: t=3Dp; b=3D%s\n" + (pgpsig-armor-to-wrapped-b64 signature))) + (let ((boundary (mml-compute-boundary cont))) + (goto-char (point-min)) + (insert (format "Content-Type: multipart/mixed; boundary=3D\"%s\";\n" + boundary)) + (insert (format "\n--%s\n" boundary)) + (goto-char (point-max)) + (insert (format "\n--%s--\n" boundary)) + (goto-char (point-max))))) + ;;; General wrapper =20 (autoload 'gnus-buffer-live-p "gnus-util") =2D-=20 2.47.2 --=-=-= Content-Type: text/x-diff Content-Disposition: inline; filename=0003-mml-Add-C-c-RET-s-u-to-make-Unobtrusive-Signature.patch Content-Transfer-Encoding: quoted-printable From=208ec14c812328ae1b4180656f8813211d83215b42 Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Thu, 15 May 2025 22:03:25 -0400 Subject: [PATCH 3/3] mml: Add C-c RET s u to make Unobtrusive Signature This adds to the default keymap to make it relatively easy to make an Unobtrusive Signature when sending mail. Unobtrusive Signatures are defined on a per-message basis, and explicitly ignored per-part, so we do not facilitate part-based signing. =2D-- lisp/gnus/mml-sec.el | 5 +++++ lisp/gnus/mml.el | 3 ++- 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/lisp/gnus/mml-sec.el b/lisp/gnus/mml-sec.el index 6fb82836e9a..71913c8e8cc 100644 =2D-- a/lisp/gnus/mml-sec.el +++ b/lisp/gnus/mml-sec.el @@ -399,6 +399,11 @@ Use METHOD if given. Else use `mml-secure-method' or (or method mml-secure-method mml-default-sign-method) 'encrypt)) =20 +(defun mml-secure-message-sign-unobtrusive () + "Add MML tag to encrypt/sign the entire message." + (interactive nil mml-mode) + (mml-secure-message "unobtrusive" 'sign)) + (defun mml-secure-message-sign-smime () "Add MML tag to encrypt/sign the entire message." (interactive nil mml-mode) diff --git a/lisp/gnus/mml.el b/lisp/gnus/mml.el index 8e37dbe0bf6..0667c937803 100644 =2D-- a/lisp/gnus/mml.el +++ b/lisp/gnus/mml.el @@ -1181,7 +1181,8 @@ If HANDLES is non-nil, use it instead reparsing the b= uffer." "s" (define-keymap "p" #'mml-secure-message-sign-pgpmime "o" #'mml-secure-message-sign-pgp =2D "s" #'mml-secure-message-sign-smime) + "s" #'mml-secure-message-sign-smime + "u" #'mml-secure-message-sign-unobtrusive) "S" (define-keymap "p" #'mml-secure-sign-pgpmime "o" #'mml-secure-sign-pgp =2D-=20 2.47.2 --=-=-=-- --==-=-=-- From debbugs-submit-bounces@debbugs.gnu.org Fri Jun 13 13:58:29 2025 Received: (at 78448) by debbugs.gnu.org; 13 Jun 2025 17:58:29 +0000 Received: from localhost ([127.0.0.1]:49618 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1uQ8fc-00025K-Sw for submit@debbugs.gnu.org; Fri, 13 Jun 2025 13:58:29 -0400 Received: from che.mayfirst.org ([2001:470:1:116::7]:41423) by debbugs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.84_2) (envelope-from ) id 1uQ8fa-00025B-9B for 78448@debbugs.gnu.org; Fri, 13 Jun 2025 13:58:27 -0400 DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/simple; d=fifthhorseman.net; i=@fifthhorseman.net; q=dns/txt; s=2019; t=1749837505; h=from : to : cc : subject : in-reply-to : references : date : message-id : mime-version : content-type : from; bh=QKVUtho03ypBMsioxFs64EN67RKX4oyzyYNT3L9W6L0=; b=75iyxOphiluAfSk0KSqckQWXHMeOmTqANFXDyTJDVEFIh1uaEWAjGiWF8pl0PT+Q6zcVD pCKVfmjq2yWS86SBA== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=fifthhorseman.net; i=@fifthhorseman.net; q=dns/txt; s=2019rsa; t=1749837505; h=from : to : cc : subject : in-reply-to : references : date : message-id : mime-version : content-type : from; bh=QKVUtho03ypBMsioxFs64EN67RKX4oyzyYNT3L9W6L0=; b=xgRsv+0V8JgfObdb5e5GUFvSb0bQAhiROKlTw6l+Dc0udBYnff57cO4cJpx9Jg6x/U2JG zoVNa7v+3HsCkJ0EVfPEOpZfga4QCBRPM7YpEA7oc1VwRwj3igCyKbqY3l3KDr/Ltg7Q9Il FRcZ95k2LPYhQ+HoPmb/cQqM0cn/7liH/qTk5EyjWULBB3CKsg/Kl6MCCHVde8zJMBLKmbi aUB80jsQR2uiaB180rYAaV2ojCqUOrv/6Rrni81FpaXN//PuXfE/TTspqyGNCQv2Ya7udQm cnU79rcz6XWbQDSGqD1ZNgxDHEcol9lpZDeaOloEPmetYtI/HppAqQxEw6Og== Received: from fifthhorseman.net (lair.fifthhorseman.net [108.58.6.98]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384) (No client certificate requested) by che.mayfirst.org (Postfix) with ESMTPSA id 0B6D4F9B1; Fri, 13 Jun 2025 13:58:24 -0400 (EDT) Received: by fifthhorseman.net (Postfix, from userid 1000) id CA8C413F6AD; Fri, 13 Jun 2025 12:22:14 -0400 (EDT) From: Daniel Kahn Gillmor To: Robert Pluim Subject: Re: bug#78448: 30.1; mml: Produce Unobtrusive Signatures In-Reply-To: <87o6uwzfue.fsf@fifthhorseman.net> References: <87a57dciom.fsf@fifthhorseman.net> <86v7pzv8z4.fsf@gnu.org> <87frgorfqa.fsf@fifthhorseman.net> <86ldqdrv95.fsf@gnu.org> <87o6v5b26j.fsf_-_@gmail.com> <87h60spq5p.fsf@fifthhorseman.net> <871prtqe1o.fsf@gmail.com> <87o6uwzfue.fsf@fifthhorseman.net> Autocrypt: addr=dkg@fifthhorseman.net; prefer-encrypt=mutual; keydata= xjMEZXEJyxYJKwYBBAHaRw8BAQdA5BpbW0bpl5qCng/RiqwhQINrplDMSS5JsO/YO+5Zi7HNFzxk a2dAZmlmdGhob3JzZW1hbi5uZXQ+wsARBBMWCgB5AwsJB0cUAAAAAAAeACBzYWx0QG5vdGF0aW9u cy5zZXF1b2lhLXBncC5vcmcS78JIJ7JbALqPiKEmva7/Pp16WwXWm9hbe5+B/UvnfwMVCggCmwEC HgEWIQTUdwQMcMIValwphUm7fpEBSV5r9wUCZadfkAUJBdnwRQAKCRC7fpEBSV5r9yNXAP442N0c zvisBroQSKKpo+OWm2JpnEJWoVheeJvoRtkBGQEA+edHylby8IGcNccq7rmM2rAXdofvrU1o6qow V+mmDwbOMwRnio4OFgkrBgEEAdpHDwEBB0Cw9HzJFl9lZn3UBaUqSMSgxjcdbd0MwNVcGZ8t8wdN EcLAvwQYFgoBMQWCZ4qODgkQu36RAUlea/dHFAAAAAAAHgAgc2FsdEBub3RhdGlvbnMuc2VxdW9p YS1wZ3Aub3JnhcN+tn41cAg01Kk56zcAfpdsh8j98PDe00mqKPfFvaYCmwK+oAQZFgoAbwWCZ4qO DgkQeAuFTtnCtJZHFAAAAAAAHgAgc2FsdEBub3RhdGlvbnMuc2VxdW9pYS1wZ3Aub3JnxsD8Sk5P Wgx8c/Zseo6OlCjyDC+Ogm17gTaUUIpxjWYWIQRjrBGOWy5dZsiKhad4C4VO2cK0lgAAdcQA/1RG dmrmvVxkBY2qNPjtERNwPga8Pf4IdlenrZ03NXM4AQC+TDHMpD7d5obEvUy8GYI3oThzYItPP8vv ChY+wbaIBRYhBNR3BAxwwhVqXCmFSbt+kQFJXmv3AAAKbgD+K1MZXnRKPdmA8DgNysyGRZY8cSVH HQcC7ZAAtV3i2+wA/0CyOYrbFYbyTRALgoERR07OHFoP+fJopQLMNQARVUELzjgEZ4qN+RIKKwYB BAGXVQEFAQEHQDTGlR+Qmn334e+bPqvojJVdFsiBf0leAAHP+ESqop8NAwEIB8LAAAQYFgoAcgWC Z4qN+QkQu36RAUlea/dHFAAAAAAAHgAgc2FsdEBub3RhdGlvbnMuc2VxdW9pYS1wZ3Aub3JnA5Lw b3wOOcoodImuVNw4PYq1U65FDC1Q2JMFIcJXqF0CmwwWIQTUdwQMcMIValwphUm7fpEBSV5r9wAA 6egA/j3QANSmogZ5VTF5KlI+BBye9ud/w9j7RLcCHU6u8AA1AQC3FGaNuv+uWOSa+eeEoI/aZrGd X5el8b/m6aXDDxDjDg== Date: Fri, 13 Jun 2025 12:22:14 -0400 Message-ID: <87qzznwr0p.fsf@fifthhorseman.net> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="==-=-="; X-Spam-Score: 0.0 (/) X-Debbugs-Envelope-To: 78448 Cc: eric@ericabrahamsen.net, 78448@debbugs.gnu.org, Eli Zaretskii , rms@gnu.org, Michael Richardson X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -1.0 (-) --==-=-= Sig: t=p; b=iHUEARYKAB0WIQRjrBGOWy5dZsiKhad4C4VO2cK0lgUCaExQNgAKCRB4C4VO2cK0 lgRBAP4/2ZcxuojSsSgZ+TGoGQQVUxn75qNANLWbqptHKvIOCgEAtE44ggMSGEa+ R8p/LSsw7ajfN3inOPnl0QFxT2Tluw8= From: Daniel Kahn Gillmor To: Robert Pluim Cc: Eli Zaretskii , eric@ericabrahamsen.net, 78448@debbugs.gnu.org, rms@gnu.org, Michael Richardson Subject: Re: bug#78448: 30.1; mml: Produce Unobtrusive Signatures In-Reply-To: <87o6uwzfue.fsf@fifthhorseman.net> References: <87a57dciom.fsf@fifthhorseman.net> <86v7pzv8z4.fsf@gnu.org> <87frgorfqa.fsf@fifthhorseman.net> <86ldqdrv95.fsf@gnu.org> <87o6v5b26j.fsf_-_@gmail.com> <87h60spq5p.fsf@fifthhorseman.net> <871prtqe1o.fsf@gmail.com> <87o6uwzfue.fsf@fifthhorseman.net> Autocrypt: addr=dkg@fifthhorseman.net; prefer-encrypt=mutual; keydata= xjMEZXEJyxYJKwYBBAHaRw8BAQdA5BpbW0bpl5qCng/RiqwhQINrplDMSS5JsO/YO+5Zi7HNFzxk a2dAZmlmdGhob3JzZW1hbi5uZXQ+wsARBBMWCgB5AwsJB0cUAAAAAAAeACBzYWx0QG5vdGF0aW9u cy5zZXF1b2lhLXBncC5vcmcS78JIJ7JbALqPiKEmva7/Pp16WwXWm9hbe5+B/UvnfwMVCggCmwEC HgEWIQTUdwQMcMIValwphUm7fpEBSV5r9wUCZadfkAUJBdnwRQAKCRC7fpEBSV5r9yNXAP442N0c zvisBroQSKKpo+OWm2JpnEJWoVheeJvoRtkBGQEA+edHylby8IGcNccq7rmM2rAXdofvrU1o6qow V+mmDwbOMwRnio4OFgkrBgEEAdpHDwEBB0Cw9HzJFl9lZn3UBaUqSMSgxjcdbd0MwNVcGZ8t8wdN EcLAvwQYFgoBMQWCZ4qODgkQu36RAUlea/dHFAAAAAAAHgAgc2FsdEBub3RhdGlvbnMuc2VxdW9p YS1wZ3Aub3JnhcN+tn41cAg01Kk56zcAfpdsh8j98PDe00mqKPfFvaYCmwK+oAQZFgoAbwWCZ4qO DgkQeAuFTtnCtJZHFAAAAAAAHgAgc2FsdEBub3RhdGlvbnMuc2VxdW9pYS1wZ3Aub3JnxsD8Sk5P Wgx8c/Zseo6OlCjyDC+Ogm17gTaUUIpxjWYWIQRjrBGOWy5dZsiKhad4C4VO2cK0lgAAdcQA/1RG dmrmvVxkBY2qNPjtERNwPga8Pf4IdlenrZ03NXM4AQC+TDHMpD7d5obEvUy8GYI3oThzYItPP8vv ChY+wbaIBRYhBNR3BAxwwhVqXCmFSbt+kQFJXmv3AAAKbgD+K1MZXnRKPdmA8DgNysyGRZY8cSVH HQcC7ZAAtV3i2+wA/0CyOYrbFYbyTRALgoERR07OHFoP+fJopQLMNQARVUELzjgEZ4qN+RIKKwYB BAGXVQEFAQEHQDTGlR+Qmn334e+bPqvojJVdFsiBf0leAAHP+ESqop8NAwEIB8LAAAQYFgoAcgWC Z4qN+QkQu36RAUlea/dHFAAAAAAAHgAgc2FsdEBub3RhdGlvbnMuc2VxdW9pYS1wZ3Aub3JnA5Lw b3wOOcoodImuVNw4PYq1U65FDC1Q2JMFIcJXqF0CmwwWIQTUdwQMcMIValwphUm7fpEBSV5r9wAA 6egA/j3QANSmogZ5VTF5KlI+BBye9ud/w9j7RLcCHU6u8AA1AQC3FGaNuv+uWOSa+eeEoI/aZrGd X5el8b/m6aXDDxDjDg== Date: Fri, 13 Jun 2025 12:22:14 -0400 Message-ID: <87qzznwr0p.fsf@fifthhorseman.net> Content-Type: multipart/mixed; boundary="=-=-="; hp="clear" --=-=-= Content-Type: text/plain On Mon 2025-06-09 18:54:01 -0400, Daniel Kahn Gillmor wrote: > I'm including the three revised patches here. Michael Richardson observed that I had an extra semicolon which might cause a complaint (see the patch here, which you might decide you want to merge down into patch 0002 when applying). I'm grateful for his attention to detail! --dkg --=-=-= Content-Type: text/x-diff Content-Disposition: inline; filename=0004-Remove-stray-semicolon.patch Content-Transfer-Encoding: quoted-printable From=20d15a519c3c8d9cad72a827f8fba24fb79df25db5 Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Thu, 12 Jun 2025 18:06:22 -0400 Subject: [PATCH] Remove stray semicolon Identified by Michael Richardson =2D-- lisp/gnus/mml2015.el | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lisp/gnus/mml2015.el b/lisp/gnus/mml2015.el index bbe6cec589f..503b7a8a5fa 100644 =2D-- a/lisp/gnus/mml2015.el +++ b/lisp/gnus/mml2015.el @@ -977,7 +977,7 @@ If set, it overrides the setting of `mml2015-sign-with-= sender'." (pgpsig-armor-to-wrapped-b64 signature))) (let ((boundary (mml-compute-boundary cont))) (goto-char (point-min)) =2D (insert (format "Content-Type: multipart/mixed; boundary=3D\"%s\";= \n" + (insert (format "Content-Type: multipart/mixed; boundary=3D\"%s\"\n" boundary)) (insert (format "\n--%s\n" boundary)) (goto-char (point-max)) =2D-=20 2.47.2 --=-=-=-- --==-=-=--