Subject: Re: NetBSD Security Advisory 2002-009: Multiple vulnerabilities in
To: Ignatios Souvatzis <email@example.com>
From: Todd Vierling <firstname.lastname@example.org>
Date: 08/02/2002 19:39:34
On Fri, 2 Aug 2002, Ignatios Souvatzis wrote:
: > We'll use this to see how many people check sigs ;-)
: I'd auto-check them if they had proper PGP/MIME headers...
Please don't use "application/pgp". This **DOES NOT** come up as plaintext
in the majority of MIME-aware MUA's, and thus, it should only be used for
ASCII armored (or base64-encoded binary) PGP blocks.
Signed cleartext should only use a "text/*" Content-Type. If you're worried
about whitespace corruption, Quoted-Printable it. And if you really want
its own Content-Type in the absence of an official one, you can always do
"text/x-pgp" or similar with the "x-" prefix.
-- Todd Vierling (email@example.com)