Using PGP to sign email is a good idea, but few people do it, which is a common argument against email in general. One big argument against it is the confusion it causes for most receivers.

Current Options

Currently you have two options for signing an email with PGP. PGP/INLINE means wrapping some text around your email; in this case, most receivers wonder about the strange garbage in your email. The other option is PGP/MIME, which means the receiver gets a weird attachment they cannot open.

That could be solved if each and every email client out there acknowledged PGP and hid it by default, maybe showing a little "this is verified and secure" icon somewhere. However, this is not feasible. What we need is some way to sneak in the signature such that ignorant email clients ignore it.

The email headers would be a possible place. There is already a wide array of header fields, so adding one is not a problem; spam detection software adds some fields too, for example. As far as I know, every email client out there ignores unknown header fields.

Assume the body of your email is the content of a file called foo. Then you can generate a detached signature:

gpg --output foo.sig --detach-sign foo

For an email we need ASCII, not binary, so we use Base64 to encode the signature:

base64 foo.sig

Which gives us some data like this:


Put this string into an email header called PGP-sign: and use foo as the body. Now we have signed the email, and the receiver can verify it with our public key.
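The sign, Base64, header steps above, worked through as an added example in Python (this is not code from the original post). It assumes the header name PGP-sign from the post, a constructed byte string standing in for foo.sig, and, for the optional verify_with_gpg step only, a locally installed gpg with the sender's public key in its keyring. Two practical details the post does not spell out are handled here: a Base64 signature is far longer than a header line, so it is split into whitespace-separated words that any mail server can fold and the receiver can re-join; and the bytes that get signed are canonicalised (CRLF line endings, trailing whitespace and trailing blank lines dropped, in the spirit of DKIM's "relaxed" canonicalisation), because mail transports and clients rewrite exactly those parts of a body and a verifier would otherwise see a mismatch even though the signature is genuine.

```python
"""Added example: carry a detached PGP signature in a mail header.

Not code from the original post. Assumes the header name PGP-sign (from the
post), a constructed stand-in for the signature bytes in the demo, and a local
gpg only for the optional verify_with_gpg() step."""
import base64
import email.policy
import subprocess
import tempfile
from email.message import EmailMessage
from email.parser import BytesParser

HEADER = "PGP-sign"  # header name used in the post


def canonical_body(text: str) -> bytes:
    """Return the exact bytes that are signed and later verified.

    Transports re-wrap line endings and strip or add trailing whitespace, so
    sender and receiver must agree on one canonical form (an assumption of
    this example, modelled on DKIM 'relaxed'): CRLF line endings, trailing
    whitespace removed per line, trailing empty lines dropped."""
    lines = [ln.rstrip() for ln in text.replace("\r\n", "\n").split("\n")]
    while lines and lines[-1] == "":
        lines.pop()
    return ("\r\n".join(lines) + "\r\n").encode("utf-8")


def encode_signature(detached_sig: bytes) -> str:
    """Base64 as in the post, split into 64-char words so that header folding
    (which only happens at whitespace) cannot corrupt the data."""
    b64 = base64.b64encode(detached_sig).decode("ascii")
    return " ".join(b64[i:i + 64] for i in range(0, len(b64), 64))


def decode_signature(header_value: str) -> bytes:
    """Undo folding: folding inserts CRLF plus whitespace, so drop all of it."""
    return base64.b64decode("".join(header_value.split()), validate=True)


def build_signed_message(body: str, detached_sig: bytes) -> bytes:
    """Sender side: body stays plain text, signature travels in the header."""
    msg = EmailMessage(policy=email.policy.SMTP)
    msg["From"] = "alice@example.com"      # constructed sample addresses
    msg["To"] = "bob@example.com"
    msg["Subject"] = "signed in the headers"
    msg[HEADER] = encode_signature(detached_sig)
    msg.set_content(body)
    return msg.as_bytes()


def split_signed_message(raw: bytes):
    """Receiver side: (canonical body bytes, signature bytes), or (None, None)
    when the header is absent, i.e. an unsigned mail, which ignorant clients
    and this code alike just treat as ordinary mail."""
    msg = BytesParser(policy=email.policy.default).parsebytes(raw)
    if HEADER not in msg:
        return None, None
    return canonical_body(msg.get_content()), decode_signature(msg[HEADER])


def verify_with_gpg(signed_bytes: bytes, detached_sig: bytes) -> bool:
    """'gpg --verify <sigfile> -' checks a detached signature against data on
    stdin. Needs gpg and the sender's public key; not exercised offline."""
    with tempfile.NamedTemporaryFile(suffix=".sig") as sigfile:
        sigfile.write(detached_sig)
        sigfile.flush()
        proc = subprocess.run(["gpg", "--batch", "--verify", sigfile.name, "-"],
                              input=signed_bytes, capture_output=True)
    return proc.returncode == 0


def demo_roundtrip() -> bool:
    """Constructed sample: the signature bytes are a stand-in for foo.sig; what
    is checked is that header transit returns them and the body unchanged."""
    body = "Hello Bob,\n\nthe meeting is at 10.   \n\n"
    fake_sig = bytes(range(256)) * 2
    raw = build_signed_message(body, fake_sig)
    got_body, got_sig = split_signed_message(raw)
    return got_sig == fake_sig and got_body == canonical_body(body)


if __name__ == "__main__":
    print("header round trip ok:", demo_roundtrip())
```

In real use the sender runs gpg --detach-sign over canonical_body(body) rather than over the raw file, and the receiver feeds the same canonical bytes to verify_with_gpg; if the two sides canonicalise differently, every signature fails even though nothing was tampered with, which is the graceful-degradation failure mode to watch for.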

Optional Extensions

We might also want some optional fields, so the receiver can fetch our public key for verification. For example:

Those are probably not enough and might even be too much. People who know more about security than I do should discuss that. Personally, what I want most is better usability and graceful degradation.

© 2012-10-21