a proposed change to JSON output to report verification of PGP/MIME signatures.

Daniel Kahn Gillmor dkg at fifthhorseman.net
Mon Nov 15 08:40:43 PST 2010


On 11/15/2010 05:23 AM, David Edmondson wrote:
> i.e. the existence of the multipart/signed wrapper should be
> explicit. In general, all MIME parts should be visible. 

thanks, this makes sense to me.

> Changing the JSON output in this way would not materially affect your
> proposal, I believe. There'd be some implicit changes in the output (for
> example, if a signature signs a multipart/mixed part your proposal would
> list it as signing the sub-parts of the multipart/mixed, but with my
> additional changes it should be listed as signing the multipart/mixed
> itself).

this is interesting: under your proposed changes, the "signs" element
would not need to be a list any more. it could just be a single part ID.
 I think i like that.

"sigstatus" would still need to be a list, though, since you can have a
signature part that contains multiple signature packets.

Thanks for helping think this through, David.

	--dkg

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 900 bytes
Desc: OpenPGP digital signature
URL: <http://notmuchmail.org/pipermail/notmuch/attachments/20101115/512c8998/attachment.pgp>


More information about the notmuch mailing list