<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 TRANSITIONAL//EN">
<HTML>
<HEAD>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; CHARSET=UTF-8">
<META NAME="GENERATOR" CONTENT="GtkHTML/3.28.1">
</HEAD>
<BODY>
So I think I figured out how ALE's mailman is invalidating PGP sigs under certain circumstances. Using the message I sent via gmail/firepgp that got an invalid sig, I compared the raw msg that mailman sent out to the one stored in my gmail Sent folder. What I found is that mailman wrapped one of the headers in the signed portion of the message thus invalidating the signature.<BR>
<BR>
GPG is handed everything between the 'multipart/signed' boundaries (-------firegpg0710eqg2j410d98by2livyjc in this case) to produce the signature (line endings are also normalized but that's beside the point). However, as you'll see below, mailman wrapped the 1st Content-Type header when it sent out the message. That may have been the RFC-correct thing to do since the header is 80 chars but I can't imagine any modern email client that can't handle long headers.<BR>
<BR>
Is there a way to persuade mailman to treat everything between 'multipart/signed' boundaries as sacred untouchable? Similarly for clear-signed messages: Don't touch between "-----BEGIN PGP SIGNED MESSAGE-----" and "-----BEGIN PGP SIGNATURE-----".<BR>
<BR>
(The stuff below will be more legible in HTML, sorry)
<PRE>
=========================================== BEFORE MAILMAN:BEGIN
<...other msg headers...>
X-FireGPG-Version: 0.7.10
Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="-----firegpg0710eqg2j410d98by2livyjc"
This is an OpenPGP/MIME signed message (RFC 2440 and 3156)
-------firegpg0710eqg2j410d98by2livyjc
Content-Type: multipart/alternative; boundary="firegpg0710eqg2j410dlntbr800mza1"
--firegpg0710eqg2j410dlntbr800mza1
Content-Type: text/plain; format=flowed; charset=UTF-8
Content-Transfer-Encoding: base64
dHJ5aW5nIHRvIGlzb2xhdGUgd2h5IHNvbWUgQUxFIHNpZ3MgcmVwb3J0IGFzIGludmFsaWQuIHNl
bmRpbmcgdmlhIGdtYWlsL2ZpcmVncGcuLi4NCg0K
--firegpg0710eqg2j410dlntbr800mza1
Content-Type: text/html; charset=UTF-8
Content-Transfer-Encoding: base64
dHJ5aW5nIHRvIGlzb2xhdGUgd2h5IHNvbWUgQUxFIHNpZ3MgcmVwb3J0IGFzIGludmFsaWQuIHNl
bmRpbmcgdmlhIGdtYWlsL2ZpcmVncGcuLi48YnI+PGJyPg0K
--firegpg0710eqg2j410dlntbr800mza1--
-------firegpg0710eqg2j410d98by2livyjc
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Use GnuPG with Firefox : http://getfiregpg.org (Version: 0.7.10)
iQEcBAEBAgAGBQJLD/CRAAoJEPn9tXGjlLx6s4YH/3odcaI8elLPAeEV9MJofSQF
6sAYFS35KccDqRMExTDGh2xnyGAprtuCTSZ5VdURGf7pmePsjSB61tDxMFKBocyN
NCiGPwcTsI4u1HcaW1DrOXFZlpdy5V4uzT1KWJr9P6lKdzstzQWFSFGMecv1qNsj
p6DiM1XDbrSAHoliMOzlrVpuoDhFzzfFyPcyj8J5p0ce88wlqF1+7Pph9QWXy52H
hErIyNgRR4/5XOJvo5a1p1uoMoIbYWlPJnpBGvCCoe2fiaJl9InGgKLXBrTL84w5
tFJfC2gxy4uWBRQHujw3U0GPRb7BCevb8kfYePhnjlaD/2EKQeSNqH81nJPzm0Q=
=MasR
-----END PGP SIGNATURE-----
-------firegpg0710eqg2j410d98by2livyjc--
=========================================== BEFORE MAILMAN:END
=========================================== AFTER MAILMAN:BEGIN
<...other msg headers...>
<TABLE>
<TR>
<TD>
<PRE>
<TT>Content-Type: multipart/mixed; boundary="===============1966690486=="</TT>
<TT>Sender: ale-bounces@ale.org</TT>
<TT>Errors-To: ale-bounces@ale.org</TT>
<TT>This is an OpenPGP/MIME signed message (RFC 2440 and 3156)</TT>
<TT>--===============1966690486==</TT>
<TT>Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="-----firegpg0710eqg2j410d98by2livyjc"</TT>
<TT>This is an OpenPGP/MIME signed message (RFC 2440 and 3156)</TT>
<TT>-------firegpg0710eqg2j410d98by2livyjc</TT>
<TT><FONT COLOR="#ff0000">Content-Type: multipart/alternative;</FONT></TT>
<TT><FONT COLOR="#ff0000"> boundary="firegpg0710eqg2j410dlntbr800mza1"</FONT></TT>
<TT>--firegpg0710eqg2j410dlntbr800mza1</TT>
<TT>Content-Type: text/plain; format=flowed; charset=UTF-8</TT>
<TT>Content-Transfer-Encoding: base64</TT>
<TT>dHJ5aW5nIHRvIGlzb2xhdGUgd2h5IHNvbWUgQUxFIHNpZ3MgcmVwb3J0IGFzIGludmFsaWQuIHNl</TT>
<TT>bmRpbmcgdmlhIGdtYWlsL2ZpcmVncGcuLi4NCg0K</TT>
<TT>--firegpg0710eqg2j410dlntbr800mza1</TT>
<TT>Content-Type: text/html; charset=UTF-8</TT>
<TT>Content-Transfer-Encoding: base64</TT>
<TT>dHJ5aW5nIHRvIGlzb2xhdGUgd2h5IHNvbWUgQUxFIHNpZ3MgcmVwb3J0IGFzIGludmFsaWQuIHNl</TT>
<TT>bmRpbmcgdmlhIGdtYWlsL2ZpcmVncGcuLi48YnI+PGJyPg0K</TT>
<TT>--firegpg0710eqg2j410dlntbr800mza1--</TT>
<TT>-------firegpg0710eqg2j410d98by2livyjc</TT>
<TT>Content-Type: application/pgp-signature; name="signature.asc"</TT>
<TT>Content-Description: OpenPGP digital signature</TT>
<TT>Content-Disposition: attachment; filename="signature.asc"</TT>
<TT>-----BEGIN PGP SIGNATURE-----</TT>
<TT>Version: GnuPG v1.4.9 (GNU/Linux)</TT>
<TT>Comment: Use GnuPG with Firefox : http://getfiregpg.org (Version: 0.7.10)</TT>
<TT>iQEcBAEBAgAGBQJLD/CRAAoJEPn9tXGjlLx6s4YH/3odcaI8elLPAeEV9MJofSQF</TT>
<TT>6sAYFS35KccDqRMExTDGh2xnyGAprtuCTSZ5VdURGf7pmePsjSB61tDxMFKBocyN</TT>
<TT>NCiGPwcTsI4u1HcaW1DrOXFZlpdy5V4uzT1KWJr9P6lKdzstzQWFSFGMecv1qNsj</TT>
<TT>p6DiM1XDbrSAHoliMOzlrVpuoDhFzzfFyPcyj8J5p0ce88wlqF1+7Pph9QWXy52H</TT>
<TT>hErIyNgRR4/5XOJvo5a1p1uoMoIbYWlPJnpBGvCCoe2fiaJl9InGgKLXBrTL84w5</TT>
<TT>tFJfC2gxy4uWBRQHujw3U0GPRb7BCevb8kfYePhnjlaD/2EKQeSNqH81nJPzm0Q=</TT>
<TT>=MasR</TT>
<TT>-----END PGP SIGNATURE-----</TT>
<TT>-------firegpg0710eqg2j410d98by2livyjc--</TT>
<TT>--===============1966690486==</TT>
<TT>Content-Type: text/plain; charset="us-ascii"</TT>
<TT>MIME-Version: 1.0</TT>
<TT>Content-Transfer-Encoding: 7bit</TT>
<TT>Content-Disposition: inline</TT>
<TT>_______________________________________________</TT>
<TT>Ale mailing list</TT>
<TT>Ale@ale.org</TT>
<TT>http://mail.ale.org/mailman/listinfo/ale</TT>
<TT>See JOBS, ANNOUNCE and SCHOOLS lists at</TT>
<TT>http://mail.ale.org/mailman/listinfo</TT>
<TT>--===============1966690486==--</TT>
</PRE>
</TD>
</TR>
</TABLE>
=========================================== AFTER MAILMAN:END
</PRE>
<TABLE CELLSPACING="0" CELLPADDING="0" WIDTH="100%">
<TR>
<TD>
<BR>
________<BR>
Love all, trust a few. Do wrong to none.<BR>
-- William Shakespeare<BR>
<BR>
</TD>
</TR>
</TABLE>
</BODY>
</HTML>