-----BEGIN PGP SIGNED MESSAGE----- Dr. Dimitri Vulis writes:
I suggest to the kind folks working on PGP 3 that there should be a standard protocol to include within the signed portion the information on when and for whom this text is written: i.e. the list of e-mail recipients and/or Usenet newsgroups, which could be easily compared with the RFC 822/1036 headers of an e-mail/Usenet article.
This assumes that every Usenet site uses RFC 822/1036 headers locally. This is no real-world assumption. And the clearsign problem can be solved with MIME only, since currently, the MIME 8-bit character set conversion will kill the validity of signatures, regardless whether being forged or not. Since I know this, I seldom use clearsigning. Quite simply, it does not work, and that's a more severe problem. If an error on signature validation is the normality, not the exception, the whole stuff does not make any sense. hajo -----BEGIN PGP SIGNATURE----- Version: 2.6.2i Comment: Sig validation of clearsigned 8 bit text is uncertain. iQCVAwUBMORRda1Qa39mIA0ZAQELEAQAryOaVDZIhnYQETxhmHyJktRei3080gXV 77Oy5Qo3/WdO7cvFdR+CKytbZQlV7GHS4lQ+N0MCPHH79+vLnw8xvQ+3htkzerjF u6tgjiEnbR/YNCvjEq01aU2RVHgycg680WVOH4DqUNTi7yAY2G5Sc6K2LAD4AQrp toniWTWanyY= =+LZR -----END PGP SIGNATURE-----