Emails that use PGP manifest format should contain signed manifests. As manifests also contain hashes of other parts of the email, it will automatically verify other parts of the emails. We will use sign-and-encrypt. Encrypted and armored manifest blob will contain a cleartext message with a JSON manifest in the first part and then a signature.
PGP/MIME encryption will use whatever is specified in the RFC.
andreis
commented
9 years ago
Emails that use PGP manifest format should contain signed manifests. As manifests also contain hashes of other parts of the email, it will automatically verify other parts of the emails. We will use sign-and-encrypt. Encrypted and armored manifest blob will contain a cleartext message with a JSON manifest in the first part and then a signature.
PGP/MIME encryption will use whatever is specified in the RFC.