Unless you are a programmer, it mostly isn’t. Yet. However, if you are a programmer or if you want to send and receive secure messages, then it is kind of interesting. One interesting thing (for programmers) is that it gives you free encrypted git repos. That’s rad. Also, if you want to start sharing the repo with someone, that’s pretty easy, too. Another really neat-o thing is that you can send an encrypted message to a keybase user without having to figure out how to install PGP, how to integrate it with your email client, or how to look up your recipient’s PGP key. That’s pretty cool.
Several days and a lot of testing later, I think I have the answer: don’t try to build a play-by-email service in Google AppEngine. The limitations imposed by the environment make it a bad place to do a lot of email traffic that requires anything other than text/plain or text/html. Because Google has defined javax.mail.Transport to use the AppEngine mail service, you can’t choose to connect to a different SMTP host; if you specify an external SMTP server (such as SendGrid or Pobox) in the Session, Google’s Transport implementation ignores it and still uses the AppEngine mail service. When you try to use a web API to send your message through SendGrid, that screws up the MIME headers and your message won’t validate (if it’s even readable) at the receiver’s end.
That said, I have finally figured out how to prepare and send a PGP signed MIME message such that it arrives and validates properly. Since nobody else has written that down on the web (that I could find), I’ll detail the recipe here.
I’ve been working on adding play-by-email support to my turn-based game server. The first problem I hit was that the PGP signatures on the server’s messages were invalid when I checked them on my email client. This led to lots of debugging and unit tests in my crypto utility. That’s not really wasted effort, but it also wasn’t the problem.
It turns out that even though the RFC limit on line length is 1000 characters and there are well-known implementation limits that are only slightly lower, there exists somewhere in the chain from Google AppEngine to Apple Mail some chunk of code that inserts newlines into lines that are much shorter. I didn’t do exhaustive testing, but it seems to happen before 80. The perfectly valid signatures were being rendered invalid because somebody was altering the message after the server signed it and handed it off to the transport agent.
The solution I chose was to use WordUtils from commons-text and to wrap the message at 70 characters before signing. This seems to work. It’s just kind of dumb that it’s necessary, but it’s a good reminder that the thing in your inbox may not actually be the thing sent to you by whomever, and that PGP signing your messages is a good idea even if you don’t encrypt them.