Re: a proposed change to JSON output to report verification of PGP/MIME signatures.

Subject: Re: a proposed change to JSON output to report verification of PGP/MIME signatures.

Date: Mon, 15 Nov 2010 11:40:43 -0500

To: David Edmondson

Cc: notmuch

From: Daniel Kahn Gillmor

On 11/15/2010 05:23 AM, David Edmondson wrote:
> i.e. the existence of the multipart/signed wrapper should be
> explicit. In general, all MIME parts should be visible. 

thanks, this makes sense to me.

> Changing the JSON output in this way would not materially affect your
> proposal, I believe. There'd be some implicit changes in the output (for
> example, if a signature signs a multipart/mixed part your proposal would
> list it as signing the sub-parts of the multipart/mixed, but with my
> additional changes it should be listed as signing the multipart/mixed
> itself).

this is interesting: under your proposed changes, the "signs" element
would not need to be a list any more. it could just be a single part ID.
 I think i like that.

"sigstatus" would still need to be a list, though, since you can have a
signature part that contains multiple signature packets.

Thanks for helping think this through, David.

	--dkg
signature.asc (application/pgp-signature)

Thread: