From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from localhost (localhost [127.0.0.1]) by olra.theworths.org (Postfix) with ESMTP id 4C1BD431FBF for ; Tue, 18 Feb 2014 10:32:20 -0800 (PST) X-Virus-Scanned: Debian amavisd-new at olra.theworths.org X-Spam-Flag: NO X-Spam-Score: 0 X-Spam-Level: X-Spam-Status: No, score=0 tagged_above=-999 required=5 tests=[none] autolearn=disabled Received: from olra.theworths.org ([127.0.0.1]) by localhost (olra.theworths.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id NZr1DVcseCRE for ; Tue, 18 Feb 2014 10:32:15 -0800 (PST) Received: from che.mayfirst.org (che.mayfirst.org [209.234.253.108]) by olra.theworths.org (Postfix) with ESMTP id 35134431FBD for ; Tue, 18 Feb 2014 10:32:15 -0800 (PST) Received: from fifthhorseman.net (unknown [38.109.115.130]) by che.mayfirst.org (Postfix) with ESMTPSA id 58423F984 for ; Tue, 18 Feb 2014 13:32:11 -0500 (EST) Received: by fifthhorseman.net (Postfix, from userid 1000) id EE9702006A; Tue, 18 Feb 2014 13:32:01 -0500 (EST) From: Daniel Kahn Gillmor To: notmuch@notmuchmail.org Subject: Re: Inline-encryption, encryption failure when storing sent mails In-Reply-To: <5213A15F.30109@fifthhorseman.net> References: <878v02ysfg.fsf@maritornes.cs.unb.ca> <5213A15F.30109@fifthhorseman.net> User-Agent: Notmuch/0.17 (http://notmuchmail.org) Emacs/24.3.1 (x86_64-pc-linux-gnu) Date: Tue, 18 Feb 2014 13:31:58 -0500 Message-ID: <87lhx8w9up.fsf@alice.fifthhorseman.net> MIME-Version: 1.0 Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha512; protocol="application/pgp-signature" X-BeenThere: notmuch@notmuchmail.org X-Mailman-Version: 2.1.13 Precedence: list List-Id: "Use and development of the notmuch mail system." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 18 Feb 2014 18:32:20 -0000 --=-=-= Content-Type: text/plain On Tue 2013-08-20 13:03:27 -0400, Daniel Kahn Gillmor wrote: > I've been meaning to write this up more cleanly, but a summary here will > have to do for now: > > The MIME Content-Type header for an inline-PGP-signed e-mail message is > not signed. This means that an attacker can replay a signed message > while undetectably changing the Content-Type. One example of such an > attack is to leave the base Content-Type as text/plain but to switch > charsets -- the same bytestream can then be interpreted differently. I've finally written this up, with a demonstration. I'm hosting it here for now: https://dkg.fifthhorseman.net/notes/pgp-inline-harmful/ i hope this is useful for future discussions about inline PGP. Please let me know if you see any problems with the text or if you have any questions. --dkg --=-=-= Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQJ8BAEBCgBmBQJTA6cfXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXRFQjk2OTEyODdBN0FEREUzNzU3RDkxMUVB NTI0MDFCMTFCRkRGQTVDAAoJEKUkAbEb/fpcObUP/0qWGWThMjijVrjutmFcIcn+ QbFvZlbb5/+BuY+Y90RYjUaVynxsPIKAvzbdvtB0Pl18f9miK3Hyw0VPstS6W6YO K922vrFfA9VIMNpS7fmTqgmSXHIhQb+4Ap8QKMSi+WQNi3wA3hCvs/BjdMSamMSQ 1GfPkeM7ZtDrW/u5CdzgOYq7d6knksmzMHUoB2kIyXUHbbuqIvlNZDbzrHWRYzIT AlzzEXTJziW009pqhSZ8SOF1G8O6Ii0ygSf1zURoTzI1cpFFakn6K/bJTiwE6kwQ GXMV9GsLdKu3t3M5/RKJ4Hmng4nFeI5chr8SUcAYJ28SmUUzLnTAo1hGGKt1cCKl vV/bF1OP4ddJONcSwIi8ypK8RCdL2UcBP7SXcT+PkhWlr9R5iYtJ1Zk1jjRr6vOB 8yd03tw7KZ5vX3R9QBsZNS2nMzg3V596JhAQCOnTGcTQNYwDYq6f5i+yQvo5ArPb JMpG8vadK6Hb+oCz9HvrbdGZxMPs61HuiZaSL8WE5k7gIF5KhOaTC09rmQ3eie5H dycQwxw8zaMlykjUliKP66yMmxWqqiAaoVws+njNMOCxFyqhQomqgNxK3nunoM92 l8HfsbEAq6vMUc246QsTWG9Dl8UFvXiSkFjJrLHVX091p6b2yfTmkm2fDWCQbQqM uHt5j8YL3NylsLZ5vSFG =Vsxy -----END PGP SIGNATURE----- --=-=-=--