[ARIN-consult] Consultation on Prohibiting Attachments on ARIN Mailing Lists
Gert Doering
gert at space.net
Tue Apr 24 16:37:38 EDT 2018
Hi,
On Tue, Apr 24, 2018 at 09:29:14AM -0700, Owen DeLong wrote:
> >> "Not break" as in maintain the signature or "not break" as in don't
> >> strip the signature and then keep the multipart/signed content-type
> >> breaking the validator?
> >
> > "do not fumble with mail that is PGP signed", not in any way.
> >
> > Do not modify the body, those header parts that are covered by the
> > signature, or the signature itself, or the MIME structure tieing parts
> > together.
>
> What you are effectively arguing for here is ???Allow attachments as long
> as the message at least pretends to be PGP signed.???
Nah, that was maybe a bit unclear. I was thinking of "if there is a
single attachment that claims to be a PGP signature" (which of course
could be actually verified and bounced if it fails signature checking),
but should have said so.
> If we???re going to block attachments, then we should do so.
>
> If not, then I???m fine with that.
>
> However, in deference to the PGP signed aficionados, I would suggest that
> we pass (unaltered) any PGP signed message which contains only text/plain,
> text/ascii, text/rtf, and PGP-related MIME parts. For others, we should
> return an error message to the poster explaining that attachments are not
> allowed, but PGP signatures are still permitted.
This would work for me.
Gert Doering
-- NetMaster
--
have you enabled IPv6 on something today...?
SpaceNet AG Vorstand: Sebastian v. Bomhard, Michael Emmer
Joseph-Dollinger-Bogen 14 Aufsichtsratsvors.: A. Grundner-Culemann
D-80807 Muenchen HRB: 136055 (AG Muenchen)
Tel: +49 (0)89/32356-444 USt-IdNr.: DE813185279
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <https://lists.arin.net/pipermail/arin-consult/attachments/20180424/d4a5a624/attachment.sig>
More information about the ARIN-consult
mailing list