Continuing Add support for inline PGP · Issue #2029 · chatmail/core · GitHub discussion here.
Currently Delta Chat only supports PGP/MIME messages, but not PGP/Inline. Support for parsing and decryption of inline PGP messages is needed for interoperability with clients like FlowCrypt which can’t send MIME messages.
Inline PGP signatures have security problems documented in
- Weblog for dkg - Inline-PGP considered harmful
- Inline PGP signatures considered harmful
- Inline PGP in E-mail is bad, Mm'kay?
So the messages should not be displayed as if they are signed and the signature should not be checked.
But we can still support inline PGP encryption and decrypt it automatically.
Such messages are not considered to be “encrypted” in Autocrypt
At least they can be decrypted and presented without a padlock, like plaintext messages.