From: Daniel Kahn Gillmor Date: Tue, 20 Aug 2013 17:03:27 +0000 (+2000) Subject: Re: Inline-encryption, encryption failure when storing sent mails X-Git-Url: http://git.tremily.us/?a=commitdiff_plain;h=ef0fffc90949332127dba73c72e2e1c23f5d7f90;p=notmuch-archives.git Re: Inline-encryption, encryption failure when storing sent mails --- diff --git a/b1/19aa142fbf7a5cff92563e096cb4454cd70c4a b/b1/19aa142fbf7a5cff92563e096cb4454cd70c4a new file mode 100644 index 000000000..a96c86927 --- /dev/null +++ b/b1/19aa142fbf7a5cff92563e096cb4454cd70c4a @@ -0,0 +1,148 @@ +Return-Path: +X-Original-To: notmuch@notmuchmail.org +Delivered-To: notmuch@notmuchmail.org +Received: from localhost (localhost [127.0.0.1]) + by olra.theworths.org (Postfix) with ESMTP id 52015431E84 + for ; Tue, 20 Aug 2013 10:03:37 -0700 (PDT) +X-Virus-Scanned: Debian amavisd-new at olra.theworths.org +X-Spam-Flag: NO +X-Spam-Score: 0 +X-Spam-Level: +X-Spam-Status: No, score=0 tagged_above=-999 required=5 tests=[none] + autolearn=disabled +Received: from olra.theworths.org ([127.0.0.1]) + by localhost (olra.theworths.org [127.0.0.1]) (amavisd-new, port 10024) + with ESMTP id F5LycRLwAveK for ; + Tue, 20 Aug 2013 10:03:32 -0700 (PDT) +Received: from che.mayfirst.org (che.mayfirst.org [209.234.253.108]) + by olra.theworths.org (Postfix) with ESMTP id 72388431E62 + for ; Tue, 20 Aug 2013 10:03:32 -0700 (PDT) +Received: from [192.168.13.198] (lair.fifthhorseman.net [108.58.6.98]) + by che.mayfirst.org (Postfix) with ESMTPSA id 7B8F4F984 + for ; Tue, 20 Aug 2013 13:03:28 -0400 (EDT) +Message-ID: <5213A15F.30109@fifthhorseman.net> +Date: Tue, 20 Aug 2013 13:03:27 -0400 +From: Daniel Kahn Gillmor +User-Agent: Mozilla/5.0 (X11; Linux x86_64; + rv:17.0) Gecko/20130630 Icedove/17.0.7 +MIME-Version: 1.0 +To: notmuch@notmuchmail.org +Subject: Re: Inline-encryption, encryption failure when storing sent mails +References: + + <878v02ysfg.fsf@maritornes.cs.unb.ca> +In-Reply-To: <878v02ysfg.fsf@maritornes.cs.unb.ca> +X-Enigmail-Version: 1.5.1 +Content-Type: multipart/signed; micalg=pgp-sha512; + protocol="application/pgp-signature"; + boundary="----enig2HECLHCUIJSUIIGXLDODV" +X-BeenThere: notmuch@notmuchmail.org +X-Mailman-Version: 2.1.13 +Precedence: list +List-Id: "Use and development of the notmuch mail system." + +List-Unsubscribe: , + +List-Archive: +List-Post: +List-Help: +List-Subscribe: , + +X-List-Received-Date: Tue, 20 Aug 2013 17:03:37 -0000 + +This is an OpenPGP/MIME signed message (RFC 4880 and 3156) +------enig2HECLHCUIJSUIIGXLDODV +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: quoted-printable + +On 08/16/2013 04:02 AM, David Bremner wrote: +> Simon Hirscher writes: +>=20 +>> 1. Support for inline-encryption As far as I can see, so far only +>> encrypted mails with PGP/MIME are supported. Couldn't notmuch also +>> support text/plain messages that contain PGP-encrypted messages by +>> scanning for "^-----BEGIN\ PGP\ (SIGNED\ )?MESSAGE"? =E2=80=93 as sugg= +ested in +>> a previous message to this mailing list +>> (id:87zl3az8mm.fsf@lillypad.riseup.net; web view: +>=20 +> If someone feels inspired to work on this, maybe=20 +>=20 +> notmuch-wash-convert-inline-patch-to-part +>=20 +> (in notmuch-watch.el) might be a reasonable place to start. + +if anyone does feel inclined to work on this, please consider that +dealing cleanly an inline-signed message has a number of serious +problems, not least of which is the Content-Type. + +I've been meaning to write this up more cleanly, but a summary here will +have to do for now: + +The MIME Content-Type header for an inline-PGP-signed e-mail message is +not signed. This means that an attacker can replay a signed message +while undetectably changing the Content-Type. One example of such an +attack is to leave the base Content-Type as text/plain but to switch +charsets -- the same bytestream can then be interpreted differently. + +For example, depending on the charset, the same bytestream can be +represented as: + + The rental is =E2=82=AC13/week for unit 7. + +[charset=3Dbig5] + +or: + + The rental is =C2=A3=D7=9113/week for unit 7. + +[charset=3Diso-8859-8] + +since 1GBP =3D 1.17EUR, this represents a change of 17% in the value of +the signed message while retaining the signature's validity :P + +Given that you don't have cryptographically-reliable Content-Type +information, will you be comfortable indicating that the message is +actually signed? + +Also, inline-signed messages may not span the entire part. That is, a +message could have a bit of unsigned text above or below the +inline-signature. The current user-facing UI in notmuch-emacs indicates +whether each part is individually signed or not. How would +notmuch-emacs indicate reliably to the user that only a portion of the +part is signed? + +In short: inline PGP is a mess, and existing implementations which try +to cope with it have severe shortcomings. I'd rather avoid introducing +new types of failure to notmuch. + + --dkg + + +------enig2HECLHCUIJSUIIGXLDODV +Content-Type: application/pgp-signature; name="signature.asc" +Content-Description: OpenPGP digital signature +Content-Disposition: attachment; filename="signature.asc" + +-----BEGIN PGP SIGNATURE----- +Version: GnuPG v1.4.14 (GNU/Linux) +Comment: Using GnuPG with Icedove - http://www.enigmail.net/ + +iQJ8BAEBCgBmBQJSE6FfXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w +ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXRFQjk2OTEyODdBN0FEREUzNzU3RDkxMUVB +NTI0MDFCMTFCRkRGQTVDAAoJEKUkAbEb/fpc6O4P/1mDlyMjavqICRYT78ssI0dC +NU6Oc70NE2b6xkjpsM5xwitYy4Cr0x4z/invb02Du/gJ4soZmGEyeouj9yrjuqOc +PEQiXEFesUvoWxvFkS+WUAv56J3ZUVx487Ae6UUMI6b8Yy49gYTZKJ4E0R8dhHXg +BFFy7H4X04GHwTgWEQ+P3Qbkf2cXd1BODfT/TvKK4ewlnl8AsQOVc8S0oeuO7Ql9 +7bIDK6MX/g7Spv+h6DyZhpgcVJUw81CQcN6Pzvrja4VgbKMQ6dHZbvYgA+k3EZHc +ghMskJh9KIodkdx8L4DbqC3n/WpKfGVAmXJe8t4uq4n9LL4VfZxOya8aGdGhSiUJ +ZeHkmw3GP8AnomMUHAXqfrdMR/LKi7rHxE/OM+AoT9rim7fpCmSqbmBuFeyGIIzD +iTiodsJ8Z3vQ9iK50dNJcUJnWTRQnePHBCRv888al491G2hzDRq+rFy4ybQupA0G +7QNeVTBNdCvWkbj9imNS+8VSUd7wKU5AkQr51iJw9vXjF3fcg1wTCMGaITv6w9hV +yVtPD8wQ88Mvx/tmbMpe0a/weQWN/HDl9w/0KzPlshetmzwe+HAiWxNgjmi7ICFh +4FsFBgKqZnYIsz+FyLGJeCYn4pzCXBMrJZgjqB7WJ8dHVfUwEQBlmtPS28VR0xER +ioh50g9CtLuQUI44ujnV +=HHmd +-----END PGP SIGNATURE----- + +------enig2HECLHCUIJSUIIGXLDODV--