From d51e4a126734fb2a15df698ced85487eac6f9c99 Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Sat, 15 Mar 2014 11:14:52 +2000 Subject: [PATCH] Re: Smime signature verification in Notmuch - Emacs --- e5/8f536d15c6441a19a095743eaaca0fd1587192 | 139 ++++++++++++++++++++++ 1 file changed, 139 insertions(+) create mode 100644 e5/8f536d15c6441a19a095743eaaca0fd1587192 diff --git a/e5/8f536d15c6441a19a095743eaaca0fd1587192 b/e5/8f536d15c6441a19a095743eaaca0fd1587192 new file mode 100644 index 000000000..6324944f2 --- /dev/null +++ b/e5/8f536d15c6441a19a095743eaaca0fd1587192 @@ -0,0 +1,139 @@ +Return-Path: +X-Original-To: notmuch@notmuchmail.org +Delivered-To: notmuch@notmuchmail.org +Received: from localhost (localhost [127.0.0.1]) + by olra.theworths.org (Postfix) with ESMTP id 5ED99431FB6 + for ; Fri, 14 Mar 2014 08:15:03 -0700 (PDT) +X-Virus-Scanned: Debian amavisd-new at olra.theworths.org +X-Spam-Flag: NO +X-Spam-Score: 0 +X-Spam-Level: +X-Spam-Status: No, score=0 tagged_above=-999 required=5 tests=[none] + autolearn=disabled +Received: from olra.theworths.org ([127.0.0.1]) + by localhost (olra.theworths.org [127.0.0.1]) (amavisd-new, port 10024) + with ESMTP id 3zRVHtCvWDOK for ; + Fri, 14 Mar 2014 08:14:54 -0700 (PDT) +Received: from che.mayfirst.org (che.mayfirst.org [209.234.253.108]) + by olra.theworths.org (Postfix) with ESMTP id A6098431FAE + for ; Fri, 14 Mar 2014 08:14:54 -0700 (PDT) +Received: from [10.70.10.55] (unknown [38.109.115.130]) + by che.mayfirst.org (Postfix) with ESMTPSA id 5A47BF984; + Fri, 14 Mar 2014 11:14:51 -0400 (EDT) +Message-ID: <53231CEC.6070101@fifthhorseman.net> +Date: Fri, 14 Mar 2014 11:14:52 -0400 +From: Daniel Kahn Gillmor +User-Agent: Mozilla/5.0 (X11; Linux x86_64; + rv:24.0) Gecko/20100101 Icedove/24.2.0 +MIME-Version: 1.0 +To: Baptiste , notmuch@notmuchmail.org +Subject: Re: Smime signature verification in Notmuch - Emacs +References: <87y50r42do.fsf@bat.fr.eu.org> + <531F4FDD.6000506@fifthhorseman.net> <87siqlrqq8.fsf@bat.fr.eu.org> +In-Reply-To: <87siqlrqq8.fsf@bat.fr.eu.org> +X-Enigmail-Version: 1.6 +Content-Type: multipart/signed; micalg=pgp-sha512; + protocol="application/pgp-signature"; + boundary="XE5cd1LDwo1B8WC14iSwGgifT8sWAa3Fe" +X-BeenThere: notmuch@notmuchmail.org +X-Mailman-Version: 2.1.13 +Precedence: list +List-Id: "Use and development of the notmuch mail system." + +List-Unsubscribe: , + +List-Archive: +List-Post: +List-Help: +List-Subscribe: , + +X-List-Received-Date: Fri, 14 Mar 2014 15:15:03 -0000 + +This is an OpenPGP/MIME signed message (RFC 4880 and 3156) +--XE5cd1LDwo1B8WC14iSwGgifT8sWAa3Fe +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: quoted-printable + +Hi Baptiste-- + +On 03/14/2014 06:58 AM, Baptiste wrote: + +> firstly, sorry for my previous mail, you are right, it was broken. This= + one=20 +> should be better. + +i didn't mean to imply it was broken at all. i haven't tested it :) + +> Truly, it would be better to implement it directly in notmuch core. + +i agree with this. + +> Signature verification just present a line with the signature owner and= + the=20 +> trust chain status (/green/ for good verification, /orange/ for self si= +gned only=20 +> signature). No verification is made today against :From field. + +what does "good verification" mean? This seems to imply that there is a +trusted root store used. how does the user configure this trust store? + what about non-self-signed and unvalidated certificates? (e.g. certs by +unknown issuers, certs by known but untrusted issuers, certs with +unknown signature algorithms, certs without proper EKUs for creating +S/MIME signatures, etc.) + +> (green) [ Good signature by: bateast@bat.fr.eu.org - 08F4ED ] +> (orange) [ Good signature by key: 0x08F4ED self signed for bateast@bat.= +fr.eu.org ] + +the use of 08F4ED here is a bit confusing. i see from further below +that this refers to the serial number of the cert; but serial numbers +are not guaranteed to be unique (they are supposed to be unique across +issuers, but most root trust stores (and X.509 chains) can accept +certifications from different issuers). what does displaying this +information do for the user? + +> My opinion is that S/MIME is more and more widely used today, and then = +relying=20 +> only on gpg for signature or encryption is a bit rough. + +I agree that S/MIME support would be nice; i think implementing it in +the notmuch core is the way to go. fwiw, gmime already has a +cryptocontext that is supposed to handle S/MIME; it just needs proper +integration, similar to the PGP/MIME integration in notmuch core: + + https://developer.gnome.org/gmime/stable/GMimePkcs7Context.html + +This has been on my plate for, uh, over a year now, but clearly i +haven't gotten to it, and would be happy if someone else wanted to pick +it up. + + --dkg + + +--XE5cd1LDwo1B8WC14iSwGgifT8sWAa3Fe +Content-Type: application/pgp-signature; name="signature.asc" +Content-Description: OpenPGP digital signature +Content-Disposition: attachment; filename="signature.asc" + +-----BEGIN PGP SIGNATURE----- +Version: GnuPG v1 +Comment: Using GnuPG with Icedove - http://www.enigmail.net/ + +iQJ8BAEBCgBmBQJTIxzsXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w +ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXRFQjk2OTEyODdBN0FEREUzNzU3RDkxMUVB +NTI0MDFCMTFCRkRGQTVDAAoJEKUkAbEb/fpcwF4QANWfbKZY7MjBVJO231hvbSsl +uAD9UUlLhj/JI0GfusGewoRhpPV11CUmjJKGQz28MIW4xw79w5Pbx/cR7eP2SsEW +YeHoh7N6pbaTMaS2Uhv1ksgMuUxyaUMmg38HqOEhuIp3DwW0NRYlpiV85PCxgxJV +J7pPMkvxOboNErORFjtsmXt4aoQXgmmp9Rj2KAZTKjFPEBhcpdCQgjQ81Hj6HoPs +wcFBlVTEy0f1bcrXMwyflm8Va2XB2wT1gkOJo35Alml8wmHCzfAGWx1VqZ+i8ftq +23CDZJtyZwUd27ewrmKnuYQuLc4QthFR0ckUugY9nDG3mgBq2kJ7g2dHNR7XJ/Sc +htQs+PGghRrm7FhIZAZy9L7HiC3FuBS1sWMbzWZlM1q+9F1Iw7UyHHkNmgstBElq +8vHCRJNpIP80+/S+jFZGVAPJ9Ikb3tUJpTu3poNrqVks19eMXe0rngC4dbR0zCP2 +/1n7CloUKhvctbzZ9/H1umKtXaipazxGvIb95A2pFO6t3Eefsy9cFf/YNQMIej1Q +QDqx8sTXhoMNQ+uL5V4RY7KRBgEi7BoS6exYKeHS3/JEpKfOtRh9DCxNeVt5A2BG +WAxMKQklddRlJAYc99QPiJp4lqPvUHJCm/6/KOmhfv8P7JiYfCcARSmFJ7JuojQ3 +bLc+E+QQI6v6v19efDWg +=6caX +-----END PGP SIGNATURE----- + +--XE5cd1LDwo1B8WC14iSwGgifT8sWAa3Fe-- -- 2.26.2