From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from localhost (localhost [127.0.0.1]) by arlo.cworth.org (Postfix) with ESMTP id 1E4316DE1085 for ; Tue, 4 Jun 2019 01:15:55 -0700 (PDT) X-Virus-Scanned: Debian amavisd-new at cworth.org X-Spam-Flag: NO X-Spam-Score: -0.163 X-Spam-Level: X-Spam-Status: No, score=-0.163 tagged_above=-999 required=5 tests=[AWL=0.038, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=disabled Received: from arlo.cworth.org ([127.0.0.1]) by localhost (arlo.cworth.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id iZllS_vbAgIo for ; Tue, 4 Jun 2019 01:15:52 -0700 (PDT) Received: from che.mayfirst.org (che.mayfirst.org [162.247.75.118]) by arlo.cworth.org (Postfix) with ESMTPS id 7745E6DE104E for ; Tue, 4 Jun 2019 01:15:52 -0700 (PDT) DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/simple; d=fifthhorseman.net; i=@fifthhorseman.net; q=dns/txt; s=2019; t=1559636150; h=from : to : subject : in-reply-to : references : date : message-id : mime-version : content-type : from; bh=DaNFeL/v/gsDBncgKBSv+nl+jnGa+w11ciyMINLYg4s=; b=4uEfVR+NJhBq4S9mLc+pV2QqSZhdfD6zg0tPzD9o9sic+8sQiU8MW+kQ RW82EGHTRupmuYOBqSdD5dfxdAGaDA== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=fifthhorseman.net; i=@fifthhorseman.net; q=dns/txt; s=2019rsa; t=1559636150; h=from : to : subject : in-reply-to : references : date : message-id : mime-version : content-type : from; bh=DaNFeL/v/gsDBncgKBSv+nl+jnGa+w11ciyMINLYg4s=; b=BnqyK2Vh6LENQIC/zrpfTC+t8IECKHzyGymAjdYHQeFsJFP6DiO0qBNB zvRl+kfw9VEiCKVgMHCBAEA2qjI8D/5AssamZhIMmaHKkKhAqX9fxhfDPf lucXbAUGF46yhCg8JJrKOZtm5XtUfnPtTCSYjK8iD+Fa8I1GqgnrrrYFL3 PEzim+pdJXxGy1S01YQ2AVYu0wam+wjP/jTr2R43aPbaHj2+FIjT0X9H/h ZZ5EGsd+Jxps5BGjRxOoBG5qZIkhkP99b93Fa9UcsRz8bQn61ocf5zM/ms FImnwmoJZOTgPe7JSZpSxZsLnoXfH0FmuwliOipOzRZCR8fTs2Tp3A== Received: from fifthhorseman.net (ool-6c3a0662.static.optonline.net [108.58.6.98]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by che.mayfirst.org (Postfix) with ESMTPSA id A202FF99D; Tue, 4 Jun 2019 04:15:48 -0400 (EDT) Received: by fifthhorseman.net (Postfix, from userid 1000) id 09F3E201C0; Mon, 3 Jun 2019 18:21:20 -0400 (EDT) From: Daniel Kahn Gillmor To: =?utf-8?Q?=C3=96rjan?= Ekeberg , Ralph Seichter , notmuch@notmuchmail.org Subject: Re: feature request: caching message arrival time In-Reply-To: <87imtmpsgi.fsf@swing.csc.kth.se> References: <8736kuhtky.fsf@fifthhorseman.net> <875zpppevs.fsf@ra.horus-it.com> <87tvd9gw5w.fsf@fifthhorseman.net> <87v9xnt5as.fsf@swing.csc.kth.se> <87muiyhkpy.fsf@fifthhorseman.net> <87imtmpsgi.fsf@swing.csc.kth.se> Autocrypt: addr=dkg@fifthhorseman.net; prefer-encrypt=mutual; keydata= mDMEXEK/AhYJKwYBBAHaRw8BAQdAr/gSROcn+6m8ijTN0DV9AahoHGafy52RRkhCZVwxhEe0K0Rh bmllbCBLYWhuIEdpbGxtb3IgPGRrZ0BmaWZ0aGhvcnNlbWFuLm5ldD6ImQQTFggAQQIbAQUJA8Jn AAULCQgHAgYVCgkICwIEFgIDAQIeAQIXgBYhBMS8Lds4zOlkhevpwvIGkReQOOXGBQJcQsbzAhkB AAoJEPIGkReQOOXG4fkBAO1joRxqAZY57PjdzGieXLpluk9RkWa3ufkt3YUVEpH/AP9c+pgIxtyW +FwMQRjlqljuj8amdN4zuEqaCy4hhz/1DbgzBFxCv4sWCSsGAQQB2kcPAQEHQERSZxSPmgtdw6nN u7uxY7bzb9TnPrGAOp9kClBLRwGfiPUEGBYIACYWIQTEvC3bOMzpZIXr6cLyBpEXkDjlxgUCXEK/ iwIbAgUJAeEzgACBCRDyBpEXkDjlxnYgBBkWCAAdFiEEyQ5tNiAKG5IqFQnndhgZZSmuX/gFAlxC v4sACgkQdhgZZSmuX/iVWgD/fCU4ONzgy8w8UCHGmrmIZfDvdhg512NIBfx+Mz9ls5kA/Rq97vz4 z48MFuBdCuu0W/fVqVjnY7LN5n+CQJwGC0MIA7QA/RyY7Sz2gFIOcrns0RpoHr+3WI+won3xCD8+ sVXSHZvCAP98HCjDnw/b0lGuCR7coTXKLIM44/LFWgXAdZjm1wjODbg4BFxCv50SCisGAQQBl1UB BQEBB0BG4iXnHX/fs35NWKMWQTQoRI7oiAUt0wJHFFJbomxXbAMBCAeIfgQYFggAJhYhBMS8Lds4 zOlkhevpwvIGkReQOOXGBQJcQr+dAhsMBQkB4TOAAAoJEPIGkReQOOXGe/cBAPlek5d9xzcXUn/D kY6jKmxe26CTws3ZkbK6Aa5Ey/qKAP0VuPQSCRxA7RKfcB/XrEphfUFkraL06Xn/xGwJ+D0hCw== Date: Mon, 03 Jun 2019 18:21:19 -0400 Message-ID: <875zpmgvj4.fsf@fifthhorseman.net> MIME-Version: 1.0 Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha512; protocol="application/pgp-signature" X-BeenThere: notmuch@notmuchmail.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "Use and development of the notmuch mail system." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 04 Jun 2019 08:15:55 -0000 --=-=-= Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable On Mon 2019-06-03 18:02:53 +0200, =C3=96rjan Ekeberg wrote: > As far as I understand the autocrypt protocol (i.e. not much;-) ), the > vulnerability is that an incoming message with a later time-stamp than > the locally saved autocrypt status can update the stored state > (e.g. turn off encryption). Manipulating the time-stamp to make the > message appear to be *older* than it really is should only mean that it is > less likely to update the saved state? > > If this is correct, using the oldest of all the time-stamps seen in the > Date-header and any of the Received-headers should be the most > defensive. It's the most defensive against one form of attack: forging e-mails intended to update the user's Autocrypt state about a given peer. But another form of attack is also possible: convincing the user to *not* update their Autocrypt state about a given peer, while leaving the original message otherwise plausible and intact, thereby raising no suspicions about delivery problems. I'd like notmuch's Autocrypt implementation to try to defend against either attack where possible. --dkg --=-=-= Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iHUEARYKAB0WIQTJDm02IAobkioVCed2GBllKa5f+AUCXPWdXwAKCRB2GBllKa5f +FfLAQCOUwhKjL874KOX8HfIj1GJpar7dCOWhITWu9s7dpZqpwD+Pi3l95F8ARsI AQ7PDweoP9u/4aVnNytVOVQWjnfF/AQ= =ZlhI -----END PGP SIGNATURE----- --=-=-=--