* Verifying signed mail in Gnus
@ 2022-10-31 10:24 Angel de Vicente
  2022-10-31 11:48 ` Akib Azmain Turja
  0 siblings, 1 reply; 10+ messages in thread
From: Angel de Vicente @ 2022-10-31 10:24 UTC (permalink / raw)
  To: help-gnu-emacs


Hello,

it is only yesterday that I started worrying about signing/encrypting
mails, so I still have plenty of holes in my understanding of the
process in order to have a simple and secure workflow.

So here I go with some questions, based on some real scenarios that I
tried to solve today and for which I'm not sure how to proceed:

1) I got a signed mail from someone whose public key I don't have. I
tried to use the EasyPG epa-search-keys command, but found that
the keyserver I'm using (epa-keyserver: "keys.openpgp.org") doesn't have
that key. Is it not possible (via a command prefix) to change the
keyserver to be searched by that function? I thought keyservers
exchanged information so at the end all had basically the same keys? Am
I mistaken?

2) Once I have the public PGP key of someone, I know how to sign it, so
its trust becomes "full", which Gnus shows nicely:

,----
| [[PGP Encrypted Part:OK]]
|
| [[PGP Signed Part:Good signature from 5CA8B9B7XXXXXXXX XXXXXX
| X. XXXXXXXXXX <XXXXXX@XXX.XX> (trust full) created at
| 2022-10-31T09:54:05+0000 using RSA]]
`----

but now I got an e-mail from someone using S/MIME, and despite reading
that GnuPG should be able to handle S/MIME certificates, I'm not sure
how to do it. Is there something similar to `epa-search-keys` but for
certificates? I guess since we are dealing with certificates here, I
don't need to get the individual certificate of this person, but just
the certificate for the Certification Authority, but how to find the
certificate, and how to do the equivalent of the signing above, so trust
will go from "undefined" to "full"?

,----
| [[S/MIME Signed Part:Good signature from
| DD733F6DFA9EBA0303FXXXXXXXXXXXXXXXXXXXXX /CN=XXXXX XXXXXX XXXXXX
| XXXXXXXX/O=Instituto de Astrofisica de Canarias/STREET=Calle Vía
| Láctea, s\x2fn/ST=Santa Cruz de Tenerife/C=ES (trust undefined)]]
`----

Thanks for any pointers.

Cheers,
-- 
Ángel de Vicente                 -- (GPG: 0x64D9FDAE7CD5E939)
 Research Software Engineer (Supercomputing and BigData)
 Instituto de Astrofísica de Canarias (https://www.iac.es/en)


* Re: Verifying signed mail in Gnus
From: Akib Azmain Turja @ 2022-10-31 11:48 UTC (permalink / raw)
  To: Angel de Vicente; +Cc: help-gnu-emacs


Angel de Vicente <angel.vicente.garrido@gmail.com> writes:

> Hello,
>
> it is only yesterday that I started worrying about signing/encrypting
> mails, so I still have plenty of holes in my understanding of the
> process in order to have a simple and secure workflow.
>
> So here I go with some questions, based on some real scenarios that I
> tried to solve today and for which I'm not sure how to proceed:
>
> 1) I got a signed mail from someone whose public key I don't have. I
> tried to use the EasyPG epa-search-keys command, but found that
> the keyserver I'm using (epa-keyserver: "keys.openpgp.org") doesn't have
> that key. Is it not possible (via a command prefix) to change the
> keyserver to be searched by that function? I thought keyservers
> exchanged information so at the end all had basically the same keys? Am
> I mistaken?
>
> 2) Once I have the public PGP key of someone, I know how to sign it, so
> its trust becomes "full", which Gnus shows nicely:
>
> ,----
> | [[PGP Encrypted Part:OK]]
> |
> | [[PGP Signed Part:Good signature from 5CA8B9B7XXXXXXXX XXXXXX
> | X. XXXXXXXXXX <XXXXXX@XXX.XX> (trust full) created at
> | 2022-10-31T09:54:05+0000 using RSA]]
> `----
>
> but now I got an e-mail from someone using S/MIME, and despite reading
> that GnuPG should be able to handle S/MIME certificates, I'm not sure
> how to do it. Is there something similar to `epa-search-keys` but for
> certificates? I guess since we are dealing with certificates here, I
> don't need to get the individual certificate of this person, but just
> the certificate for the Certification Authority, but how to find the
> certificate, and how to do the equivalent of the signing above, so trust
> will go from "undefined" to "full"?
>
> ,----
> | [[S/MIME Signed Part:Good signature from
> | DD733F6DFA9EBA0303FXXXXXXXXXXXXXXXXXXXXX /CN=XXXXX XXXXXX XXXXXX
> | XXXXXXXX/O=Instituto de Astrofisica de Canarias/STREET=Calle Vía
> | Láctea, s\x2fn/ST=Santa Cruz de Tenerife/C=ES (trust undefined)]]
> `----
>
> Thanks for any pointers.
>
> Cheers,

How did you make Gnus display those nice messages?  My Gnus doesn't do
that (but asks me for a password to decrypt mails).

-- 
Akib Azmain Turja

Find me on Mastodon at @akib@hostux.social, and on Codeberg (user
"akib").

This message is signed by me with my GnuPG key.  Its fingerprint is:

    7001 8CE5 819F 17A3 BBA6  66AF E74F 0EFA 922A E7F5


* Re: Verifying signed mail in Gnus
From: Angel de Vicente @ 2022-10-31 12:30 UTC (permalink / raw)
  To: help-gnu-emacs


Hello,

Akib Azmain Turja <akib@disroot.org> writes:

> Angel de Vicente <angel.vicente.garrido@gmail.com> writes:

>> but now I got an e-mail from someone using S/MIME, and despite reading
>> that GnuPG should be able to handle S/MIME certificates, I'm not sure
>> how to do it. Is there something similar to `epa-search-keys` but for
>> certificates? I guess since we are dealing with certificates here, I
>> don't need to get the individual certificate of this person, but just
>> the certificate for the Certification Authority, but how to find the
>> certificate, and how to do the equivalent of the signing above, so trust
>> will go from "undefined" to "full"?

This part I found out how to do. Basically Gnus+GnuPG had already imported
the certificate for me, which I could verify by doing "gpgsm -k", and then
I just had to set the root CA as trustworthy in the file
"~/.gnupg/trustlist.txt".

With that, I now get (trust full) for this person.
,----
| [[S/MIME Signed Part:Good signature from
| DD733F6DFA9EBA0303F699xxxxxxxxxxxxxxxxxx /CN=xxxxx xxxxxx xxxxxx
| xxxxxxxx/O=Instituto de Astrofisica de Canarias/STREET=Calle Vía
| Láctea, s\x2fn/ST=Santa Cruz de Tenerife/C=ES (trust full)]]
`----

Actually, it looks like S/MIME is much more convenient than GPG, since I
only have to deal with giving trust to the root CA, and then all
certificates given by that CA will have full trust immediately? Maybe
when digital certificates were not so common, PGP/MIME was a better
option, but now it looks like S/MIME should be easier for
key/certificates management? (I have one day of experience with this, so
don't take my word for it :-) )

> How did you make Gnus display those nice messages?  My Gnus doesn't do
> that (but ask me for password for decrypting mails).

I think you get those by setting gnus-buttonized-mime-types:
 (setq gnus-buttonized-mime-types '("multipart/encrypted" "multipart/signed"))

Cheers,
-- 
Ángel de Vicente                 -- (GPG: 0x64D9FDAE7CD5E939)
 Research Software Engineer (Supercomputing and BigData)
 Instituto de Astrofísica de Canarias (https://www.iac.es/en)

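Angel's procedure above (list the imported certificates with gpgsm, then put the root CA's fingerprint into ~/.gnupg/trustlist.txt), worked through as an added example that is not code from this thread: it parses the colon-separated output of `gpgsm --list-keys --with-colons`, builds the trustlist line for the root, and checks whether a fingerprint is already trusted. The sample listing, fingerprints and DNs are constructed placeholders.

```python
import re

# Constructed sample of `gpgsm --list-keys --with-colons` output (placeholder
# fingerprints and DNs, not real certificates).  Per certificate: a "crt"
# record, its "fpr" record (SHA-1 fingerprint in field 10) and "uid" records
# (subject name in field 10).  The first certificate plays the root CA.
SAMPLE_LISTING = """\
crt:u::4096:1:1111111111111111:20170101T000000:20370101T000000::::::::
fpr:::::::::AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA:
uid:u::::::::CN=Example Root CA,O=Example Org,C=ES:
crt:u::2048:1:2222222222222222:20220101T000000:20250101T000000::::::::
fpr:::::::::BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB:
uid:u::::::::CN=Jane Doe,O=Example Org,C=ES:
"""
FPR_RE = re.compile(r"^[0-9A-F]{40}$")

def parse_listing(text):
    """Return [(fingerprint, [subject names])] in listing order."""
    certs = []
    for line in text.splitlines():
        fields = line.split(":")
        if fields[0] == "crt":
            certs.append([None, []])
        elif fields[0] == "fpr" and certs:
            certs[-1][0] = fields[9]
        elif fields[0] == "uid" and certs:
            certs[-1][1].append(fields[9])
    return [(fpr, names) for fpr, names in certs if fpr]

def normalize_fpr(fpr):
    """Accept the spaced/colon forms gpgsm prints; require 40 hex digits."""
    clean = re.sub(r"[\s:]", "", fpr).upper()
    if not FPR_RE.match(clean):
        raise ValueError(f"not a SHA-1 certificate fingerprint: {fpr!r}")
    return clean

def trustlist_entry(fpr, subject, relax=False):
    """One trustlist.txt entry: '<fingerprint> S' marks an S/MIME root CA as
    trusted; 'relax' tolerates some non-critical extension errors in the chain."""
    flags = "S relax" if relax else "S"
    return f"# {subject}\n{normalize_fpr(fpr)} {flags}\n"

def already_trusted(trustlist_text, fpr):
    """True if the fingerprint is an enabled entry ('!' disables, '#' comments)."""
    want = normalize_fpr(fpr)
    for line in trustlist_text.splitlines():
        line = line.strip()
        if not line or line[0] in "#!":
            continue
        try:
            if normalize_fpr(line.split()[0]) == want:
                return True
        except ValueError:  # e.g. a '*' wildcard entry
            continue
    return False

if __name__ == "__main__":
    root_fpr, root_names = parse_listing(SAMPLE_LISTING)[0]
    print(trustlist_entry(root_fpr, root_names[0]), end="")
```

Only the root CA's fingerprint belongs in trustlist.txt, and only after it has been verified out of band, because every certificate chaining to it then shows "trust full"; after editing the file, run `gpgconf --reload gpg-agent` so the agent rereads it.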

* Re: Verifying signed mail in Gnus
From: Akib Azmain Turja @ 2022-10-31 17:04 UTC (permalink / raw)
  To: Angel de Vicente; +Cc: help-gnu-emacs


Angel de Vicente <angel.vicente.garrido@gmail.com> writes:

>> How did you make Gnus display those nice messages?  My Gnus doesn't do
>> that (but ask me for password for decrypting mails).
>
> I think you get those by setting gnus-buttonized-mime-types:
>  (setq gnus-buttonized-mime-types '("multipart/encrypted" "multipart/signed"))

Thanks, it worked!  Learning never ends...

-- 
Akib Azmain Turja

Find me on Mastodon at @akib@hostux.social, and on Codeberg (user
"akib").

This message is signed by me with my GnuPG key.  Its fingerprint is:

    7001 8CE5 819F 17A3 BBA6  66AF E74F 0EFA 922A E7F5


* Re: Verifying signed mail in Gnus
From: GH @ 2022-10-31 19:18 UTC (permalink / raw)
  To: help-gnu-emacs

Akib Azmain Turja <akib@disroot.org> writes:

> How did you make Gnus display those nice messages?  My Gnus doesn't do
> that (but ask me for password for decrypting mails).

When reading the mail, press:   W s




* Re: Verifying signed mail in Gnus
From: Uwe Brauer @ 2022-10-31 19:53 UTC (permalink / raw)
  To: help-gnu-emacs


>>> "AdV" == Angel de Vicente <angel.vicente.garrido@gmail.com> writes:

> Hello,
> Akib Azmain Turja <akib@disroot.org> writes:

>> Angel de Vicente <angel.vicente.garrido@gmail.com> writes:

>>> but now I got an e-mail from someone using S/MIME, and despite reading
>>> that GnuPG should be able to handle S/MIME certificates, I'm not sure
>>> how to do it. Is there something similar to `epa-search-keys` but for
>>> certificates? I guess since we are dealing with certificates here, I
>>> don't need to get the individual certificate of this person, but just
>>> the certificate for the Certification Authority, but how to find the
>>> certificate, and how to do the equivalent of the signing above, so trust
>>> will go from "undefined" to "full"?

> This part I found how to do. Basically Gnus+GnuPG already imported the
> certificate for me, which I could verify by doing "gpgsm -k", and then I
> just had to set the root CA as trustworthy in the file
> "~/.gnupg/trustlist.txt" 

> With that, I now get (trust full) for this person.
> ,----
> | [[S/MIME Signed Part:Good signature from
> | DD733F6DFA9EBA0303F699xxxxxxxxxxxxxxxxxx /CN=xxxxx xxxxxx xxxxxx
> | xxxxxxxx/O=Instituto de Astrofisica de Canarias/STREET=Calle Vía
> | Láctea, s\x2fn/ST=Santa Cruz de Tenerife/C=ES (trust full)]]
> `----

> Actually, it looks like S/MIME is much more convenient than GPG, since I
> only have to deal with giving trust to the root CA, and then all
> certificates given by that CA will have full trust immediately? Maybe
> when digital certificates were not so common, PGP/MIME was a better
> option, but now it looks like S/MIME should be easier for
> key/certificates management? (I have one day of experience with this, so
> don't take my word for it :-) )

>> How did you make Gnus display those nice messages?  My Gnus doesn't do
>> that (but ask me for password for decrypting mails).

SMIME and (g)pgp are basically orthogonal to each other in some aspects,
although they both rely on asymmetric encryption.

I started to use (g)pgp and then switched to SMIME, because

    1. The public key interchange is so much simpler (but see the
       risks below), since the public key is always embedded in your signature.

    2. SMIME support is basically shipped in most MTAs; moreover, the key
       generation is also much simpler for newbies.

    3. If you have all the relevant CAs installed (which might not
       always be the case), the authentication is done automatically,
       for GNU/Linux for example by the gpgsm program, which is
       usually used by Emacs.

    4. Some government agencies already provide SMIME keys for their
       residents, for example Spain.


The downside and disadvantage of SMIME is its hierarchical structure,
which makes it very convenient; however, once a root CA is
compromised, the whole security breaks down. That is not the case for
PGP, since there you rely on a web of trust.

Uwe Brauer 


* Re: Verifying signed mail in Gnus
From: Björn Bidar @ 2022-11-02 20:52 UTC (permalink / raw)
  To: help-gnu-emacs

Uwe Brauer <oub@mat.ucm.es> writes:

>    1. The public key interchange is so much simpler (but see below
>     risks), since the public key is always embedded in your signature

There are movements going on to improve that, notably Autocrypt. The only
downside is that email clients in general aren't that good, or good at
adapting to new standards.

>     2. SMIME support is basically shipped in most MTA, moreover the key
>      generation is also much simpler for newbies.

What I see quite often is that PKCS#11 is not always implemented in all
programs that use similar certificates as SMIME, whereas for pgp it was
never an issue to use hardware tokens since most programs use gpg.

>     3. If you have all the relevant CAs installed (which might not
>       always be the case), the authentication is done automatically,
>       for GNU/Linux for example by the gpgsm program, which is
>       usually used by Emacs.

I think that is also possible with pgp but it depends on your pgp
program and your email program. Clients such as Kmail can do these
things automatically I think.


>     4. Some government agencies already provide SMIME keys for their
>        residents, for example Spain.

Some governments or agencies support pgp; quite often security researchers
offer it.
In Germany some parts of the justice system support pgp, although I haven't
seen them distribute their keys on a keyserver.

Br,

Björn




* Re: Verifying signed mail in Gnus
From: Tomas Hlavaty @ 2022-11-02 23:53 UTC (permalink / raw)
  To: Björn Bidar, help-gnu-emacs

On Wed 02 Nov 2022 at 22:52, Björn Bidar <bjorn.bidar@thaodan.de> wrote:
> In Germany some parts of the justice system support pgp, although I haven't
> seen them distribute their keys on a keyserver.

Are you sure?
What parts of the justice system exactly?

I find it hard to believe.

For example, jurists have to use the besondere elektronische
Anwaltspostfach (beA); compulsory since 2022-01-01:

   Since 1.1.2018, attorneys have been subject to the passive
   obligation to use it.

   On 1.1.2022, as the next step, the general active obligation to use
   it was introduced. Since then, attorneys nationwide have been
   obliged to transmit documents to the courts electronically.

   Access to the beA and the beA web application is, as usual, via
   https://www.bea-brak.de.

Courts use something called EGVP.

BNotK is in the process of centralising signatures (use their remote
server instead of a local card).

A lot of institutions are on that system.

It seems to be a very complex, custom, walled, mandatory messaging system
without end-to-end encryption and soon (this year) with remote
signatures provided by a third party delegated by BNotK.

I would be surprised if anybody used PGP there.




* Re: Verifying signed mail in Gnus
From: Björn Bidar @ 2022-11-03  5:24 UTC (permalink / raw)
  To: Tomas Hlavaty; +Cc: help-gnu-emacs

Tomas Hlavaty <tom@logand.com> writes:

> On Wed 02 Nov 2022 at 22:52, Björn Bidar <bjorn.bidar@thaodan.de> wrote:
>> In Germany some parts of the justice system support pgp, although I haven't
>> seen them distribute their keys on a keyserver.
>
> Are you sure?
> What parts of the justice system exactly?

The justice system in NRW at least does it. This is the list of their
public keys:
https://www.justiz.nrw.de/JM/schwerpunkte/erv/Fotos-Logo/Link_Zertifikate_HTTPS.pdf

(The website is offline right now)

However, the general justice system thinks email isn't confidential
enough and advertises the insecure and otherwise flawed De-Mail.
https://justiz.de/ervvoe/textordner_fuer_buerger/index.php;jsessionid=C4E93095DFBFD376F1C3D71FEDE49261




* Re: Verifying signed mail in Gnus
From: Tomas Hlavaty @ 2022-11-03  8:53 UTC (permalink / raw)
  To: Björn Bidar; +Cc: help-gnu-emacs

On Thu 03 Nov 2022 at 07:24, Björn Bidar <bjorn.bidar@thaodan.de> wrote:
> Tomas Hlavaty <tom@logand.com> writes:
>> On Wed 02 Nov 2022 at 22:52, Björn Bidar <bjorn.bidar@thaodan.de> wrote:
>>> In Germany some parts of the justice system support pgp, although I haven't
>>> seen them distribute their keys on a keyserver.
>>
>> Are you sure?
>> What parts of the justice system exactly?
>
> The justice system in NRW at least does it. This is the list of their
> public keys:
> https://www.justiz.nrw.de/JM/schwerpunkte/erv/Fotos-Logo/Link_Zertifikate_HTTPS.pdf
>
> (The website is offline right now)

Interesting.
All the keys seem to be from 2017.
A lot has changed since then.



