Subject: Re: NetBSD Security Advisory 2002-009: Multiple vulnerabilities in
To: Ignatios Souvatzis <>
From: Todd Vierling <>
List: current-users
Date: 08/02/2002 19:39:34
On Fri, 2 Aug 2002, Ignatios Souvatzis wrote:

: > We'll use this to see how many people check sigs ;-)
: I'd auto-check them if they had proper PGP/MIME headers...

Please don't use "application/pgp".  This **DOES NOT** come up as plaintext
in the majority of MIME-aware MUA's, and thus, it should only be used for
ASCII armored (or base64-encoded binary) PGP blocks.

Signed cleartext should only use a "text/*" Content-Type.  If you're worried
about whitespace corruption, Quoted-Printable it.  And if you really want
its own Content-Type in the absence of an official one, you can always do
"text/x-pgp" or similar with the "x-" prefix.

-- Todd Vierling (