howto digitially sign emails programmatically with pgp?

Collapse
This topic is closed.
X
X
Collapse
 
  • Page of 1
  • Time
  • Show
Clear All
new posts
Previous template Next
  • Philipp Ott
    #1

    howto digitially sign emails programmatically with pgp?

    Hello!

    I m looking for a solution to generate a digitally signed mime-email
    with linux/perl and to feed/pipe this then to sendmail. I found RFCs
    related to mime-signed etc. but somehow fail to implement them or rather
    make it work.

    Is there a fininshed cpan module that can do this? I didnt find one though.

    Second, what if i want to use verisign/thawte digital certs for email
    signing, howto do this programmaticall y?

    Thank you for any help,
    regards
    Philipp

    Tags: None
    • Nagy Daniel
      #2
      Re: howto digitially sign emails programmaticall y with pgp?

      Could you please be a little more specific about what you want to achieve?

      As I understand, you want to sign emails. There are many digital signature
      standards, which one do you want to follow?

      S/MIME, PGP/MIME or PGP cleartext signature?

      In what form are your emails available? Plain text, MIME payload or
      RFC-822 complete with headers?

      --
      Daniel

        Comment

        • Philipp Ott
          #3
          Re: howto digitially sign emails programmaticall y with pgp?

          Hello!

          Nagy Daniel schrieb:
          [color=blue]
          > Could you please be a little more specific about what you want to achieve?[/color]

          Well, given are a text file with the message content and 1+ PDF files.
          It works fine to generate MIME-Emails and we can send them sans problem.
          [color=blue]
          > As I understand, you want to sign emails. There are many digital signature
          > standards, which one do you want to follow?[/color]

          Well, any that the majority of ppl can use: current versions of Outlook,
          Outlook Express, Mozilla, Netscape.
          [color=blue]
          > S/MIME, PGP/MIME or PGP cleartext signature?
          > In what form are your emails available? Plain text, MIME payload or
          > RFC-822 complete with headers?[/color]

          Well the emails dont need to be encrypted or so, what we just want to
          ensure with the digital signature is that the contents are from us and
          not tampered with. To your question I would replay that the to-be-signed
          content of the email is available as a list of 7bit mime-parts, the
          message contents and the encoded PDF attachments.

          Thank you,
          regards
          Philipp Ott

            Comment

            • Nagy Daniel
              #4
              Re: howto digitially sign emails programmaticall y with pgp?

              On Mon, 15 Mar 2004, Philipp Ott wrote:
              [color=blue][color=green]
              > > As I understand, you want to sign emails. There are many digital signature
              > > standards, which one do you want to follow?[/color]
              >
              > Well, any that the majority of ppl can use: current versions of Outlook,
              > Outlook Express, Mozilla, Netscape.[/color]

              In that case, you're tied to S/MIME signatures, as I am not aware of
              PGP plugins for Outlook & Co. S/MIME is handled by "openssl" in a
              scriptable fashion. You can generate S/MIME signed messages automagically.

              Even though I have to admit that I strongly dislike S/MIME and all the
              PKI/X509 business. I think it's a scam to extort money for certification
              and has a lot of very real shortcomings when compared to OpenPGP and
              PGP/MIME. For Mozilla and Netscape there is a plug-in called "enigmail"
              which handles PGP/MIME. I have a sript that generates PGP/MIME signed
              messages, if you need that. But, again, it might not work for Outlook and
              Outlook Express.
              [color=blue][color=green]
              > > S/MIME, PGP/MIME or PGP cleartext signature?
              > > In what form are your emails available? Plain text, MIME payload or
              > > RFC-822 complete with headers?[/color]
              >
              > Well the emails dont need to be encrypted or so, what we just want to
              > ensure with the digital signature is that the contents are from us and
              > not tampered with. To your question I would replay that the to-be-signed
              > content of the email is available as a list of 7bit mime-parts, the
              > message contents and the encoded PDF attachments.[/color]

              It doesn't answer my question. But if you want it to work out-of-the box
              for the most popular email clients, go for S/MIME as much as I hate it.

              --
              Daniel

                Comment

                • Clement Seveillac
                  #5
                  Re: howto digitially sign emails programmaticall y with pgp?

                  -----BEGIN PGP SIGNED MESSAGE-----
                  Hash: SHA1

                  Nagy Daniel <nagydani@cs.bm e.hu> wrote:
                  [color=blue]
                  > In that case, you're tied to S/MIME signatures, as I am not aware of
                  > PGP plugins for Outlook & Co.[/color]

                  Well the commercial PGP versions (Personal, Workgroup and Enterprise)
                  have plugins for Outlook, Outlook Express, Eudora, Entourage, and Apple
                  Mail at least [1]. Since you talk about Enigmail afterwards, I think you
                  don't mean Mozilla and Mozilla Thunderbird in your "& Co." :)

                  There are also free solutions to sign, verify, encrypt and decrypt
                  text & files, more or less integrated to mail clients. For example
                  WinPT has a 'tray' icon that can process files, or the text which is in
                  your clipboard, plus it has Eudora and Outlook Express plugins [2].

                  [1] http://www.pgp.com/products/personal.html for example
                  [2] http://winpt.sourceforge.net/en/download.php
                  [color=blue]
                  > For Mozilla and Netscape there is a plug-in called "enigmail"
                  > which handles PGP/MIME. I have a sript that generates PGP/MIME signed
                  > messages, if you need that. But, again, it might not work for Outlook and
                  > Outlook Express.[/color]

                  I really like Enigmail, as you can see in my GnuPG comment :-) Could
                  you send your PGP/MIME signing scripts by the way, I'd like to see how
                  it looks like?

                  Best regards,
                  - --
                  clem
                  -----BEGIN PGP SIGNATURE-----
                  Version: GnuPG v1.2.4 (GNU/Linux)
                  Comment: Secure Email! http://dudu.dyn.2-h.org/gpg-enigmail-howto

                  iQEVAwUBQFsYb5C 029jjKP/wAQJrjQf/SVh7Q7bjeUiD52L L/xvetJwDT0LypLjQ
                  KI+qvPlZgkxmsKE usChxyZ/4EtJ5nz2N+qEqFw Rijaked+MaunbIx QrhhCdxgGtG
                  mCfh9PmTtBUmwMq X2qcYnbrpFxX+n2 JHbTSWQeQ71x+Jx QyKXLxcPgUHPLe3 pLTO
                  3l7K9CiUqKZMI9d rHIwFiC68u6xx9i sQ5ETQakD9PAT8N aEQjn0fwhURWTWb 4sl/
                  l4CfaVKRJh+W1Sq LE3eKnPFdVSjSPS 7mT8ALYsLOXCkt7 ER8dn3NSgFvo8Je dzIF
                  PDx9dQTOnZ6Qcd7 X71Xsij+Ewws36Z nQlc2Dk124mqkiM X2SzbeGUw==
                  =L4AL
                  -----END PGP SIGNATURE-----

                    Comment

                    Previous template Next
                    Working...