-- title: Do /you/ have a MUA ready to follow 'mailto:' links?
-- author: pesco
-- date: 2009-11-22 11:22
-- lang: en

<</img/2009/stift-uhr.jpg>>

Just wondering, because if you do, you can now leave comments on posts on this
site. Of course, my solution is unusual and specifically excludes HTML forms,
CGI scripts or any other webcrap. Honestly though, I think it's kind of elegant
like this:

 *	Follow the "reply" link on one of the blog entries. Or copy and paste
	the address. It has the form:

	    comment-<path.to.post>@khjk.org

 *	Put your comment text into the body of the email. The subject is
	ignored. You can use email-style "ASCII art markup" like '*asterisks*'
	for *bold face*, '/slashes/' for /emphasis/, '>'-style quotes, etc.

 *	A "little" script[/submitcomment.hs] (actually, it got partly
	hideous with all the {email parsing}[/Email.hs] and whatnot)
	receives the message via 'procmail' and decides to forward it for
	moderation.

 *	I read the email like all the others (i.e: on my phone or whatever)
	and if it's ok simply forward it back to the comment address. This
	leaves my PGP signature on it.

 *	The little script does a few checks, recognizes the signature, and
	stores the included message somewhere the {site generator}[/generate.hs]
	will find it.

 *	The site's HTML content is regenerated. If the 'From:' address
	contained a name, that will be shown as the comment's author.
	To remain anonymous, leave out your name (that's a slogan).
	The address itself will never be revealed, of course.

 *	To post a reaction to a comment, I can reply to the OP's email, leaving
	the comment address in 'Cc' (group reply).

	In theory, the reply will already carry my signature and go directly
	through the little script and appear as a comment on the site.
	Unfortunately, this doesn't work in the current reality: Little
	script needs the signature over the /entire/ comment message (a
	mime part of type 'message/rfc822') to check the metadata for
	consistency.
	This is the case with forwarded messages,
	but in a "regular" signed email, the signature only extends
	across the 'text/plain' body.

	So, if you want to do me a great favour, add an option to 'mutt' to
	sign headers by using a 'message/rfc822' part:

	    multipart/signed
	        application/pgp-signature
	        message/rfc822              -- includes headers AND body

	/vs./

	    multipart/signed
	        application/pgp-signature
	        text/plain                  -- only the message body :(

 *	Obviously, this game can go on through the entire thread of discussion
	by just keeping the comment address in 'Cc' at all times.

Anyway, with this yak now out of the way, back to important work. I've got a
few crazy ideas on which I'd very much appreciate feedback. Stay tuned.