Return-Path: X-Original-To: notmuch@notmuchmail.org Delivered-To: notmuch@notmuchmail.org Received: from localhost (localhost [127.0.0.1]) by olra.theworths.org (Postfix) with ESMTP id EAAEF40DDF3 for ; Fri, 12 Nov 2010 23:56:09 -0800 (PST) X-Virus-Scanned: Debian amavisd-new at olra.theworths.org X-Spam-Flag: NO X-Spam-Score: -1.899 X-Spam-Level: X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, UNPARSEABLE_RELAY=0.001] autolearn=ham Received: from olra.theworths.org ([127.0.0.1]) by localhost (olra.theworths.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ggJ21e48gzL5 for ; Fri, 12 Nov 2010 23:55:58 -0800 (PST) Received: from rodolpho.mayfirst.org (rodolpho.mayfirst.org [209.234.253.107]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by olra.theworths.org (Postfix) with ESMTPS id AF61140DDDB for ; Fri, 12 Nov 2010 23:55:58 -0800 (PST) Received: from localhost (localhost [127.0.0.1]) by rodolpho.mayfirst.org (Postfix) with ESMTP id 1B6D33CD58 for ; Sat, 13 Nov 2010 02:55:55 -0500 (EST) X-Virus-Scanned: Debian amavisd-new at rodolpho.mayfirst.org Received: from rodolpho.mayfirst.org ([127.0.0.1]) by localhost (rodolpho.mayfirst.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id jS0rqkMPz2dh for ; Sat, 13 Nov 2010 02:55:54 -0500 (EST) Received: from [127.0.0.1] (localhost [127.0.0.1]) (Authenticated sender: smtpauth@rodolpho.mayfirst.org) with ESMTPSA id 814CB3CD56 Message-ID: <4CDE4486.2050101@fifthhorseman.net> Date: Sat, 13 Nov 2010 02:55:50 -0500 From: Daniel Kahn Gillmor User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.2.9) Gecko/20100918 Icedove/3.1.4 MIME-Version: 1.0 To: notmuch Subject: a proposed change to JSON output to report verification of PGP/MIME signatures. X-Enigmail-Version: 1.1.2 OpenPGP: id=D21739E9 Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="------------enig76D4CD9CFE607DF25F2033C6" X-BeenThere: notmuch@notmuchmail.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: notmuch List-Id: "Use and development of the notmuch mail system." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 13 Nov 2010 07:56:10 -0000 This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --------------enig76D4CD9CFE607DF25F2033C6 Content-Type: multipart/mixed; boundary="------------010905080104070601060702" This is a multi-part message in MIME format. --------------010905080104070601060702 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable hi notmuch folks-- i've been trying to wrap my head around how to get notmuch to support verifying cryptographically-signed mail. i'm afraid my current understanding of the problem space is that it is neither pretty nor clean. Sorry for the length of this message. Scope: ------ I'm focusing initially here only on verifying PGP/MIME cleartext signatures. I'm proposing to do the verification in the backend, and to report on the validity of the signatures to the frontend through "notmuch show --format=3Djson" (ignoring the other output formats for now= ). This mail is only trying to explain how the JSON format might communicate this information from the backend to the frontend. (implementation will happen depending on the followup discussion, but i don't mean for implementation questions to derail this first) Proposal: --------- No attempt to actually validate the signatures will be made unless the new --verify flag is passed to "notmuch show". A signed MIME part will contain a new element "signedby", which is a list of part numbers identifying signatures that cover this part. Signature parts (Content-Type: application/pgp-signature) will contain a new element "signs", which points back to the list of parts this signature covers. It will also contain a "sigstatus" member, which is a list of objects, each of which contain at least the following element: * "verified" -- one of the following values: "success" (the sig has been tested and is cryptographically valid) "failure" (the sig has been tested and does not match) "nokey" (the sig could not be tested because pubkey is missing) "error" (testing the sig failed for some other reason) "unknown" (testing was not tried) If "verified" is "success" in a "sigstatus" object, then the following fields might also be present: * "signingkey" -- hexadecimal representation of 160-bit fingerprint of the signing key * "digest" -- the hash over which the sig was made (e.g. "SHA1") * "timestamp" -- the time the signature claims to have been made (let me know what format i should represent this in) * "pubkeyalgo" -- the signing key's asymmetric algorithm (e.g. "RSA") * "expires" -- if the signature has an expiration date, it goes here Example: -------- currently, the "body" element of a PGP/MIME signed message looks like this with --format=3Djson: --------------------------- "body": [ { "content": "here is a test message i signed on 2010-11-11.\n\n --dkg\n\n", "content-type": "text/plain", "id": 1 }, { "content-type": "application/pgp-signature", "filename": "signature.asc", "id": 2 } ], --------------------------- It would end up like this (without the --verify flag): --------------------------- "body": [ { "content": "here is a test message i signed on 2010-11-11.\n\n --dkg\n\n", "content-type": "text/plain", "id": 1, "signedby": [ 2 ] }, { "content-type": "application/pgp-signature", "filename": "signature.asc", "id": 2, "signs": [ 1 ], "sigstatus": [ { "verified": "unknown" } ] } ], --------------------------- and here it is with the --verify flag: --------------------------- "body": [ { "content": "here is a test message i signed on 2010-11-11.\n\n --dkg\n\n", "content-type": "text/plain", "id": 1, "signedby": [ 2 ] }, { "content-type": "application/pgp-signature", "filename": "signature.asc", "id": 2, "signs": [ 1 ], "sigstatus": [ { "verified": "success", "signingkey": "0EE5BE979282D80B9F7540F1CCD2ED94D21739E9", "digest": "SHA512", "timestamp": "2010-11-11 22:32:45 -0400", "pubkeyalgo": "RSA" } ] } ], --------------------------- Observations: ------------- i'm not covering key->userid bindings in this first pass -- it's already complicated enough to say "the following key did actually sign this message part". I'm still not sure whether the front-end or the backend should be responsible for resolution of key->userid bindings, but i'm OK punting on that question for the moment. Multipart messages can have some parts signed and other parts not signed: think of mailing lists which tack on a footer to each relayed mail; the footer isn't signed, though the rest of the message is. One MIME signature can cover more than one MIME part: Think of a signed e-mail with an attachment. In this case, the signature is actually over the aggregate, not the individual parts. For example, a signed two-part message that says: [ (A) "this is the budget for 2011", and (B) an attached spreadsheet ] is *not* the same as either (A) or (B) signed independently. A multipart MIME message can contain more than one distinct signature on different parts: Think of a digest of a mailing list discussion between several participants who each sign their own messages. Each signature needs to be bound to the relevant parts (and vice versa); and some signatures within a message can fail while others succeed. A single application/pgp-signature part could contain signing material from multiple signers. Think of a PGP/MIME-signed key transition documen= t. MIME is actually a tree structure, and any subtree can be signed. But currently, "notmuch show" hides the tree structure and produces what appears to be a linear set of parts. Even more perversely, the tree structure means that a single MIME part could potentially be signed by multiple signatures, each of which potentially has independent origin and independent validity. I've attached a moderately nasty e-mail message to this one demonstrating a confluence of a bunch of these observations. The structure of the attached e-mail looks like this: A=E2=94=94=E2=94=AC=E2=95=B4multipart/signed 10936 bytes B =E2=94=9C=E2=94=AC=E2=95=B4multipart/mixed 7403 bytes C =E2=94=82=E2=94=9C=E2=95=B4text/plain 77 bytes D =E2=94=82=E2=94=9C=E2=95=B4image/jpeg attachment [dkg.jpg] 4753 bytes E =E2=94=82=E2=94=94=E2=94=AC=E2=95=B4message/rfc822 2072 bytes F =E2=94=82 =E2=94=94=E2=94=AC=E2=95=B4multipart/signed 1914 bytes G =E2=94=82 =E2=94=9C=E2=95=B4text/plain 57 bytes H =E2=94=82 =E2=94=94=E2=95=B4application/pgp-signature attachment [sign= ature.asc] 900 bytes I =E2=94=94=E2=95=B4application/pgp-signature attachment [signature.asc] = 900 bytes "notmuch show" emits it as 5 parts (omitting A, B, E, and F): 1: C 2: D 3: G 4: H 5: I Note that while C and D are both signed by I, G is actually signed by both H and I. yuck. And since this example message is attached to the e-mail i'm writing right now (which itself will be signed) it can certainly get even yuckier. Questions: ---------- Am i missing any data or relationships you think we might want? Is anything broken, unexpected, or dangerous about the choice of JSON modifications? I realize i've gone down a bit of a rabbit hole in the corner cases here (driven mainly by my observations section). Are there any simplifying assumptions we can safely make about what kinds of messages are worth verifying? That is, are there ways to make this more intelligible that don't throw away our ability to accurately represent the verified state of some non-trivial subset of messages? If this method (or something similar to it) gets put into the notmuch backend, is this something we can actually represent to a human with a reasonable frontend? Would it make more sense to do deeper structural modifications of the json output (e.g. return the full MIME tree instead of a list of parts) than to go with the current proposal? It would be nice to also make this kind of reporting structure also work for S/MIME and maybe other crypto-signature structures like DKIM. Is that doable within this framework? are there other tweaks we might want to consider to cover that possibility? If you actually read this far, you are a champion! I look forward to any feedback you have. OK, off to bed! --dkg --------------010905080104070601060702 Content-Type: message/rfc822; name="Fwd: a test signature.eml" Content-Transfer-Encoding: 7bit Content-Disposition: attachment; filename="Fwd: a test signature.eml" Return-Path: Delivered-To: thought-fifthhorseman:net-pobox00@fifthhorseman.net X-Envelope-To: pobox00@fifthhorseman.net Received: (qmail 80379 invoked by uid 3127); 13 Nov 2010 05:00:36 -0000 Delivered-To: thought-fifthhorseman:net-daniel_gillmor@fifthhorseman.net Received: (qmail 80376 invoked by uid 3127); 13 Nov 2010 05:00:36 -0000 Delivered-To: thought-fifthhorseman:net-dkg@fifthhorseman.net Received: (qmail 80373 invoked from network); 13 Nov 2010 05:00:36 -0000 Received: from mailwash19.pair.com (66.39.2.19) by gebo.pair.com with SMTP; 13 Nov 2010 05:00:36 -0000 Received: from localhost (localhost [127.0.0.1]) by mailwash19.pair.com (Postfix) with SMTP id BEDE510E6D6 for ; Sat, 13 Nov 2010 00:00:36 -0500 (EST) X-Virus-Check-By: mailwash19.pair.com Received: from rodolpho.mayfirst.org (mail.freitas.net [209.234.253.107]) by mailwash19.pair.com (Postfix) with ESMTP id 9B9EA10E6D4 for ; Sat, 13 Nov 2010 00:00:36 -0500 (EST) Received: from localhost (localhost [127.0.0.1]) by rodolpho.mayfirst.org (Postfix) with ESMTP id 828B63CD56 for ; Sat, 13 Nov 2010 00:00:34 -0500 (EST) Received: from rodolpho.mayfirst.org ([127.0.0.1]) by localhost (rodolpho.mayfirst.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 5tGw+mJDhlAw for ; Sat, 13 Nov 2010 00:00:34 -0500 (EST) Received: from [127.0.0.1] (localhost [127.0.0.1]) (Authenticated sender: smtpauth@rodolpho.mayfirst.org) with ESMTPSA id 2FA053CD51 Message-ID: <4CDE1B6D.8090208@fifthhorseman.net> Date: Sat, 13 Nov 2010 00:00:29 -0500 From: Daniel Kahn Gillmor User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.2.9) Gecko/20100918 Icedove/3.1.4 MIME-Version: 1.0 To: Daniel Kahn Gillmor Subject: Fwd: a test signature X-Enigmail-Version: 1.1.2 OpenPGP: id=D21739E9; url=http://fifthhorseman.net/dkg.gpg Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="------------enig3B66DFD2DF6BC54D110D09E4" X-Spam-Filtered: 398e33084aa1a5409cad950589a52b8e X-Spam-Status: No, hits=-2.6 required=4.0 tests=UNPARSEABLE_RELAY,for,BAYES_00 X-Spam-Flag: NO X-Spam-Level: This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --------------enig3B66DFD2DF6BC54D110D09E4 Content-Type: multipart/mixed; boundary="------------030807050707080905030604" This is a multi-part message in MIME format. --------------030807050707080905030604 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable This message wraps another one. and includes a picture of me. woo! --dkg --------------030807050707080905030604 Content-Type: image/jpeg; name="dkg.jpg" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="dkg.jpg" /9j/4AAQSkZJRgABAQEAtAC0AAD/2wBDAAcFBgYGBQcGBgYICAcJCxIMCwoKCxcQEQ0SGxcc HBoXGhkdISokHR8oIBkaJTIlKCwtLzAvHSM0ODQuNyouLy7/2wBDAQgICAsKCxYMDBYuHhoe Li4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi7/wAAR CACQAHgDASIAAhEBAxEB/8QAGwAAAQUBAQAAAAAAAAAAAAAABwADBAUGAgH/xAA0EAACAQMD AgQEBQMFAQAAAAABAgMABBEFEiEGMRNBUWEiMnGBBxSRobFCUvAVJGLB0XL/xAAZAQADAQEB AAAAAAAAAAAAAAABAgMABAX/xAAgEQADAAIDAAMBAQAAAAAAAAAAAQIDERIhMQRBURMi/9oA DAMBAAIRAxEAPwC/UU8i00lSIxxSMJ0FrsLXSivXO1SaUJFu547eJ3cj4QTiq6x1NJba5vLm RIreNyAWOPhAHJ/WqXqi4uGm2oZVUodyxMCWHbOCPKhjPrF7KgtZ5W8AS7ynYMwxjI+2aC7C w42t9b3UPjRviPnl+PvUkAMAVIIPYihpofU2gyalNNf3BjghWNbaF1J2kDDEgcZB7fc1pB1h pu2R7dxcx718MhwoKnhuT5qf5Fbw2zSlaiz3NtC22SVQ3oOaz+tdXaXCq28d/Gkj/MyOCUXz we2fKlp3UmgriMyfl8kANNGQGP8A9H/usA0fDKGU5B5BFNstNi8tixSOWFYkGWbcMDzry0vb S+XfaSiVP7gDitsImWmWWpjLTLCsYiOtKnWWlWAWCd6lR1FTvUmM8VQUfLBVLMcAdzWb1vq/ RbG3kP5hZZU42KcHP0NStf1P8jaLPE5fDYKryaDOu6lFPd6hqF1JLI7v/twFyuNoGT/B8+an 6MW+v9TT3c9vfQWAthGp3eJMC7Ke2U8h+9Yi7uzLI8oGJHYs2GzknzFV891JcSB2VFOANqDA 49vWmWkPHJHtmqKdAb2OeJtPDEN5Yrh5nY5LE/Wm8jv+wrrAKjcME0wB2OaRTvDkuex8xTyy KwDSyc+vdjTA8NfgXOO2TTwilRS0ce5QMkjDAD61jFlpdwk8q2tzctDaDy8s5/z2o09O30UV pFbsrCMDAYRqFX7rxg/agPDnPioSf7hnn61p+leoLjSryN4HL2m7bLC58j50lIKDmwFMsPan oSjwo0fyMoK/SuGwe1IMRmFKnGFKsYlIK6lcQx78/b1pJUPWLpLG0adsmQ8IB6+lNT6FRj+r Xjh/3F07DechPT3x/VQxvp2uLuSSOWU+J3zjDY88DgVzr+oX91qk73bkyElSoPwKuew9qqri 5YgqjEDAGe3FaJ+zNntyI4iUbaHHBwOTXKWsUq5SZvE/sKf9iube0nnYBI2f6cVqdI6X1S8X dbxKnYbe3707pL0ylvwyzQFMrtyQakyWqtbRSIPizyDRJT8ONXuIox4tqOPXn+KlxfhJqRXM t1EvnlRnP2pP6T+j/wAq/ASLbM6lhncDyMcCkss1sxAYlexx5iiVd/hnrdsSySQMh4xu2k/Y 1Ta90fd2dmJXiYzKpLhec+prLIjPFa+jMCaWRPGWAcf1BQP1IrwSosq3CJweSp/cGm4YiuQA +RztJIrsI3LqCDnBHnTkwsfh/q7XAGmys5RFyiE/KPQeo/it8VCjgAfQUBOnLq8ttTSS2XdK oyEVtrOPPHofajXouox6pYJcIzZ7MGGCD71NrTCmSmFKumFKgMSEqPq0MU+nypKcLjOafWo+ qQmexdAcY5J9hTV4KvQBdTtFJdyFI8bCVL44bFZps5z71p+qbdvzpeOLCAZLepPnWaYc9qMe Gr03fRVtHPB40o3OX86KmkQiMhVwAaFX4ezEytCe2c0XNNBByuMZrjzN8ju+OlxNPaJwBntV ivMeFPbiqy0Z2qejSKMDFTR1JDckCtyzZ+1UOtWcdxG0I+BWXDNjnHpV7N4pU8AN7VV3wlKk 4Bb6UG2Zz0BHq7RFs3eaIHwmkbacfTisY8wMm3hQ7c+xFGDr2MrpMgX4nzkYoLTFmkxx82a7 cNcpPN+RKmui10iK4uNQgEHMm9cfr+/pRv6YsmtbWUyLslZzvUZwOfehp+GFmZtaj8SMmPwm ck+fOOP1oz7doxTV6RQ09Kk9KgMPLXN0ziB1SMuWBGKSGnGPwHHfHFOxEBfrPTriEySSzESJ wEwAAv8AND/jnjtRv6q0t7tnmdDI6jO9SBtH3rDap0xEuky38OwMoLEAHJI70k0l0yqh14Qu ntTg0q1jkZGeSQk4Ucmtpp/XfgALJp8gXGdx4A/WqTp+xSHTY7xYRLKinFWZF7e6ektvfkXw kBaHhRs9BkcmlfF09lo5qVo2Wg9faZcTCN4m5PJJ7Vuor+2aITKylMZoaR6fHbW1rIXjnuzG TcHwVVQfIZGM8eeK1fT7QvZ5Ma7cEnNRvSekdWN3rs81TrKKyjnk/KGRY+2P6hWSuut9Rv0Y 2WjTDPmVbA/ar6+txIHKHEYbB8zis3JZzpr2+fUpf9JDb1+MqduPlwPP3psbVC5Fa+yhvtd1 Xf4Gq6e4jkO3xChGM/zQ6nQi4ePHKsR+9GC3We5W4gkZprRWzG8nzY9D/wC1mun9Ejvdf1J3 A2wSYClQck5OaeKlbIXiqmp2bD8NrNIdEhlNvLFMwJJkXBbJ7g/24HH3rZP2pnT7f8raLCDw OQD5Z8qcY03pza10NPSrxzSomPVNPIajK1Oq1UEO5oElt3iZQQykGhlrEkNnNNoU0g23e9I3 PZWC8ZPv2onK9DrrfSXa4EyYRDKJFYjPxentU6S9K47cvor+j3EunpAeCpKsPvWxsbBAx2IO fPFDbQrxrTWLm3GVjMpwPqaL+lENEDxkVDKtPZ2/GpNaZGvbOGC22gDe/wAxqXoJItpQvyio uvSYjVVI8Rz+gFWHT9tN/pxZUY/DliKl6dUJcjq3gjeXceQwwwrm40yKIFQvwmm7B3j1IwPg hs49aupipTnsKCG1r0yN9FHbwsUG0edYuC9m03SLm6tIfGu7+7ZkQcHYDjPr5eXrVx11q4ht nSIgbsjk0uldEF9b2Fxext+WtotoideHY8k/TntV8c9bZw58qVPRddLahqmoW0ct5aTQR7SS 82BvPkFGSSPUmr1jXQCooVFCqBgADAAptjVjiG2NKuXNKsYaV6cV/eoitXYY+tUEJYfjvVZ1 HF+Y0mYd2Qbx9qlb/euJSJInjbsykGg10FPQFNVIt9UjuFz8YBOPaiNpvUNrZaPHNI+XccIO 5/z1rD9SWbIZosEyQucY8xUCw8W8VIldgqcMRzgVJyqnsvFOa6NbqnWizxeHHanxScgtzgVb 6L10bSwW3ldRKoxjnnPaspBoazXBMbBlC9j3PvV9D0mo0+WFrZJZpfjEwk+XHb9KXUa0jqic 9f6R1pfXcQ1JnurdQpyA45INai16ostVtplik2uik4P80OLjpmaMtI5VWBz82RULZPplyHJI QofiAwPpS1Evz0DvLHVlnchuoOpbWzTLIZMuh7bRyaL8UaQxLFEgVFGAAOKHv4aaV8EutXCE vISkRPkvmaILGqpa6OKnt7Explj710zUyxogPHPvSpt2pVjEQNXQao6knGAT9KkLDKRlgEH/ ACOKqT2e7qctUku7kW0C75D39FHvVjZ6LJMod5Bg+Q7/AKeX1NarQNNtraJmiiCsWO5vM0eJ tgZ6r0yMa61oisZkjBmbPBLDgAfTzoetHNpGqPC42gnBB5wKN3Xdj+V6uiuCuIryBQG/5pkY +4/isf1npAuLNbqGHMqdyPMVzctW0zpU7hNemUN9JCxmSQq4zjB707F1PqgKj8wSCOxA7/pV G2+N2wCwbuT3A86ejeCOVSV3AchfT/OKpxQFlpePReNqV5dIktxLvYjgdgCDVbI0+sX8GmQZ HjShcenNVxmlbKpkqG4+vrWw6BsDFqf5iZSJA6bARzyaVpT2Z276CfaaedNtYrVEOyNAoIHB 966Zq19xGoZX28Acj1GagX2nROPFVMqfMdxVXj/CHIzTNTLNU69sZoBvQeJEexHl9arGbBIP B96XTQ2xM1Km2alQCamLx7VBG6IccZ4H61PtbRTcrPdRrIzduPlFTIryCUFZVTcRgbTkU1LE VO+2YgdzGG4OPMV1aOck3VrJybdlSNu+T/FOWoNoU3D4DwcVxFL4sagnI8+MYPoamSIHQKRk Ec0AorOqdGj1zTTFnEyfFE44IPtQ5RyjjT9SQLMcqDjCy49PQ+q0V7Zih8CQk4+QnzHpVV1B oFvqkbMEQTHvuHD/AF9D71z5sXLtHRiy8emB3Vui7a5kD2sohXJLcZzVLN0Nch2MdzGVxgk9 81vLm21XR5PAnieeLPAkIDqvqG7OPrg/WoZ1K3km8GPc02M+FjDAepz2HvXOqpF9Q+zL2fTV rp8ZuL1t/hjJA7H/ANrVdIac9xqlrvTawk8eYf247D+BUW5SWa7gWXBw29IU5APqT/UfTyog dJ6Y2n2sk9wuLiVtzA91HktNCd12C2onSL2fgqD6VxASN0Z5A4pS5bkgim0YrKATwRXccRzL HsyyruQ8MvnVVeWEMo3xgMv05FXbHD9qZdEOSBiho2zF3ti0SM6ZwvJHtSrSXUSHOBng0qRx sdUf/9k= --------------030807050707080905030604 Content-Type: message/rfc822; name="a test signature.eml" Content-Transfer-Encoding: 7bit Content-Disposition: attachment; filename="a test signature.eml" Message-ID: <4CDCB76F.10003@fifthhorseman.net> Date: Thu, 11 Nov 2010 22:41:35 -0500 From: Daniel Kahn Gillmor User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.2.9) Gecko/20100918 Icedove/3.1.4 MIME-Version: 1.0 To: Daniel Kahn Gillmor Subject: a test signature X-Enigmail-Version: 1.1.2 OpenPGP: id=D21739E9 Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="------------enigD059A3B3496B7DDFCDAB0CEC" This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --------------enigD059A3B3496B7DDFCDAB0CEC Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable here is a test message i signed on 2010-11-11. --dkg --------------enigD059A3B3496B7DDFCDAB0CEC Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQIcBAEBCgAGBQJM3LdvAAoJEMzS7ZTSFznpD6QP/A8Xm06ptMBDykTxe9vvVNOw R2TJQKMO0kF0Qr6IzxNllCoOd9d3CkG+isaTnoMvJj48jSNhYb6Y1GYi1TLeUEgs U71dg+Sc3fQ5SQiqJVAYqklmlbT8DZXg87xJAOLqFzdXGkfgM4SrwLPsvfJrkpZJ yRlUS1lNiFhoKHM7DmmkJ2KrquPmdVkTucFKgqPnyEBMrAQw5Yb1Y2D8kZtKPBZ4 eHCRwCTXbuhTxzIaZOFB7rjD3Pt+q6AUwUH/uKPcY5kY4YsOW9kS5nlAD3VLC3A/ fI6UiTQMvH3HUF8AwWyIMf+r5KzspoRe2HVrHGG01N+7u2rE16EfkkH9gItCKeWV jgJsxUGpM0cei4TYTwPlY1hT6NeWGXifVt/CbKgs4aHPOpZG4oc+bO+STm254bJM wR0H7ID6YaC7d+LWYsQyx1ZV2ioqcCNBvQls3q1GjyUXsIjqQ6Om9hliMUpzOsgK idRVFFlDxHaktsz+nfOXzaz3Xoh1JVkwvQr1ySyNS8MSpoHZ7JGn1MYE02zdBptV C15+vEqEfilgw0a0TRXPxQuz8lhqXN3fpYRabLDdiIkzNJwTi4vCdHMJ3s4EEy2t rbJsOagXsLkLRj4gLy3HYiFnpUftnbeO3fZmEROHi4ge5Sn/wYZWG7yidbBImFGJ XLiRv0Qocsw5ZM8hvLqu =1/7r -----END PGP SIGNATURE----- --------------enigD059A3B3496B7DDFCDAB0CEC-- --------------030807050707080905030604-- --------------enig3B66DFD2DF6BC54D110D09E4 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQIcBAEBCgAGBQJM3httAAoJEMzS7ZTSFznpsUUP/jkEvEneGx6YHcaBv579H7jX 0tmbwAegHOAuIKXaqmEGa1lhb5JgcHyixz+sUtlBN1cq1VcvmNpiI3bitFq6cTJt 1XCXMJ6z+YzQQESt+91T6pcNrZ1Qi/jHWdw3VmlMXB0dpxrkoylmDhhO/d3jiVBe U32wTmWVoN6QLSGzUnHmcUXjqSqImdBwEUYq/QBER4Down5OyvHE05ORbozWpf4O 6EcmeVdMPMFfCxj+8opW1MHy0V+gNGFxCrnRV7UUiAteMmvSAjqCytrbwoHQEp1P v2eVXPWrOaSph1qvAfjWesTydqTLJUZ5IjwcCof46nZFvAoqVA2EF2y3GPDbb7ei ulp/EOVy2yOUHb3tbXwXAFExJRAKkuOh5CC7CNfqtB/q/MenyWPJiPODQBmucFT1 i3ZODFbva2XvMiyJGTocyU/xXRZbo/jurPmSRsTVHzabtfGYeQ2lX4fa1spOgzAu m2TmY0h72KPFmfYfkZZELF1eD1zoYGw+aRbJ0hg9NA9JrD+mXF4Mhpc8N1axPjjh vPFcDBEFvRj6OGXA47TRnezQv5ROsq78+Y/90nKb4KJJFFxIP7NOMhZSq/n1xw7o nptBM/EinYQAB9Mfgi76hdwmOfEYwH9Va0v6/ptjuqN/PGju3CYD5yRLodGIheRQ DK+JacTvfmQkVcXj+Y+Q =RQgW -----END PGP SIGNATURE----- --------------enig3B66DFD2DF6BC54D110D09E4-- --------------010905080104070601060702-- --------------enig76D4CD9CFE607DF25F2033C6 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQIcBAEBCgAGBQJM3kSGAAoJEMzS7ZTSFznpeW4P/1ULLKBCgPtqeN9EXCudJyNV ENslifdl1mwmWFHbGA7of/EJ4LX6zZoFZ1ba1TpJ4TbXAj1woMcNMRKHRgFPj1Ff Upz4Iarp2A4OjLRVdQ8o5fuCL+ONfhy6Vobgu6IpdfAmlRSslpXr2+vLFAD9ib0y SVWYOwwAyYheX8b4CWhbVCE67XWpOvt+Onji68/NerWjywqK/1cc5WfVrvFLtaMS d96GhEA5iVNnJlNJUsw+5C7qAT2Ca4bL4ShsZ7Ptuco0+CnQB1e1U2rN/EiZqs04 zhEylVhSChjUJ7CMf3W4Z42u6+fQlFrMUcjWe8i0z895A7GMKZiBaYUeo+32BKwp bT/4idJnWhf1fkYu2/42EDv6O1i4IyymzCgqkrk1JB9+J8Gl0dDOc2puH1k+1V6Z 3Xj3n7suPd8yXjsjwlAOgdJcL+WmXQOcg+iQ9JRGu3+P3UGNvaZDmKzc5AupdBih qVXSRb5HmnZMqSglzwb4xw3rjVpMmY8o2rIB++3q790NviJuN9zmq+/XeAP07xkI Yfk+37ecjVdSAfmMzm2ESKBidM7V1ruifa+V18IXrTrxeA1gQJsexun93BnHglfK 1JbrM32YeLm7UxG/VNpUbWoSp63Sq22Wslhs1gtqpe7YM2ucO8LqSDvIvKMpH0bD 1DyaNp3n9cad0fgwbDRm =6/ba -----END PGP SIGNATURE----- --------------enig76D4CD9CFE607DF25F2033C6--