<<< Date Index >>>     <<< Thread Index >>>

Re: Deleting attachment from signed email



Hello again,

and thanks for the extensive reply.

On 23 November 2007, Kyle Wheeler wrote with possible deletions:
> > How can I remove the signature? As said, it's an attachment wihich I 
> > failed to delete due to it's own presence.

> The tricky bit is that decode-save 
> can remove all the headers and such, depending on your other mutt 
> options (I think there's a combination that can be used to preserve 
> the headers, but I'd have to dig through the documentation to figure 
> it out). decrypt-save Might be more to your liking, but it only strips 
> out encrypted messages (i.e. I don't think it will take signing off of 
> a message). However, it probably relies on $pgp_decrypt_command, which 
> you can fiddle with to maybe get what you want done.

Sorry, I completely failed to do this. The documentation of the functions
(decode|decrypt)-(save|copy) seems to be a bit thin. But anyway, I don't
want to decode anything, since there's nothing encoded, only signed.

I had a look at the mutt sources and simply removed the check

  (WithCrypto && hdr->security & ~PGP_TRADITIONAL_CHECKED)
  
from 'recvattach.c'. After compilation I tried the result on copies of a
signed message with attachments. When I only delete the signature
attachment [applica/pgp-signat], I'll see a line

  [-- Error: Inconsistent multipart/signed structure! --]

when I re-open the message. I guess that the required MIME structure is
broken here. But if I leave the signature intact, while removing the
(un)desired attachments, everything is fine.

My findings:
  * removing the signature implies changing the mime-type.
  * removing other attachments breaks the signature, but I can live with
    that.
  * if the signature is broken, there's no point in wasting memory on it.
  
My suggestion:
  * Allow deletion of attachments.
  * Allow removing the signature.
  * Maybe require the signature be removed before allowing deletion of
    other attachments.
    
The question is whether this will break anything apart from the
signature being valid? I cannot answer this, since, practically, I have
no knowledge about S/MIME, MIME and all that stuff. Also, I don't know
the mutt source, and I certainly will break things if I change something.

Is anyone interested in fixing this?

Kind regards,
Stefan


-- 
Stefan Klinger                                      o/klettern
                                                    /\/  bis zum
send plaintext only - max size 32kB - no spam         \   Abfallen
http://www.stefan-klinger.de