Chris Howie wrote:
I would agree to some extent. Did you PGP/GPG users
out there (I am
one, I just don't sign much anymore) realize that a
properly-configured client can send the signature as an attachment and
not inline? Look at Kwan Ting Chan's message, for example. It looks
much cleaner and is just as verifiable.
I do it that way, the thing to look for in your configuration screens is
"PGP/MIME".
However, it's not without its downsides. Back when I used Eudora as my
mail client I routinely had to delete hundreds of little orphaned
signature attachments from the attachments directory, and as someone
else in the thread has pointed out it doesn't work so well with digests.
Since PGP signatures only take a couple of lines in the non-attached
form I don't think it's a big issue to worry about one way or the other.