Re: [openpgp] Encrypting / Signing the mail subject?

Daniel Kahn Gillmor <dkg@fifthhorseman.net> Wed, 01 April 2015 17:27 UTC

From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
To: Albrecht Dreß <albrecht.dress@arcor.de>
In-Reply-To: <HaTVi7dNLJcZw0nTA6SRq9@Qm1ywwkFbFR91EjVgljQg>
References: <HaTVi7dNLJcZw0nTA6SRq9@Qm1ywwkFbFR91EjVgljQg>
User-Agent: Notmuch/0.18.2 (http://notmuchmail.org) Emacs/24.4.1 (x86_64-pc-linux-gnu)
Date: Wed, 01 Apr 2015 13:26:56 -0400
Message-ID: <87bnj7g3of.fsf@alice.fifthhorseman.net>
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 8bit
Archived-At: <http://mailarchive.ietf.org/arch/msg/openpgp/-sFmEQfd27VZKcn78ebDbnGtAkA>
Cc: gnupg-devel@gnupg.org, Werner Koch <wk@gnupg.org>, IETF OpenPGP <openpgp@ietf.org>, Hanno Böck <hanno@hboeck.de>
Subject: Re: [openpgp] Encrypting / Signing the mail subject?

On Sat 2015-03-28 10:19:54 -0400, Albrecht Dreß wrote:
> And I think it's not necessary if RFC 5751 would simply define that
> the "inner" protected message container *must* have the same
> Message-ID as the "outer" one.  If anyone is concerned that this
> violates the requirement of uniqueness (RFC 5322, sect. 3.6.4), the
> inner container could have instead of the "Message-ID" (which is *not*
> required!) something like a "Protected-Message-ID" with the same
> value.  If someone tampered with the "outer" message-id, the receiving
> MUA could still detect this case by the presence of the
> "Protected-Message-ID".  This approach would *not* break compatibility
> with existing implementations.

requiring the inner-message-id to be identical to the outer message-id
would mean that you would not be able to hide the message-id in an
encrypted message.

hiding the message-id would be useful, for example, when sending the
same message to multiple mailboxes, encrypted separately, but not
wanting the server operators to be able to link those messages together
as the same message.

   --dkg
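
Added example, not part of the thread or of either participant's code: a Python sketch of the receiver-side comparison the quoted proposal describes, run against the per-recipient case raised in the reply. Assumptions: "Protected-Message-ID" is the header name from the quoted text (not a registered header), the message/rfc822 part stands in for the already-decrypted inner container, and all addresses and IDs are constructed samples.

```python
from email import message_from_string, policy
from email.message import EmailMessage

# Header name taken from the quoted proposal; it is not a registered header.
PROTECTED = "Protected-Message-ID"

def wrap(outer_id, inner_id):
    """Return raw text of an outer message carrying an inner container.

    Assumption: the message/rfc822 part stands in for the payload a MUA
    would see after decryption; no real encryption is performed here.
    """
    inner = EmailMessage()
    inner[PROTECTED] = inner_id
    inner["Subject"] = "quarterly numbers"      # constructed sample
    inner.set_content("constructed sample body\n")
    outer = EmailMessage()
    outer["Message-ID"] = outer_id
    outer["Subject"] = "Encrypted message"
    outer.set_content(inner)                    # becomes message/rfc822
    return outer.as_string()

def check_message_id(raw):
    """Receiver-side comparison: 'match', 'mismatch' or 'unprotected'."""
    outer = message_from_string(raw, policy=policy.default)
    if outer.get_content_type() != "message/rfc822":
        return "unprotected"
    inner = outer.get_content()                 # the nested message object
    protected = inner[PROTECTED]
    if protected is None:
        return "unprotected"
    same = str(outer["Message-ID"]).strip() == str(protected).strip()
    return "match" if same else "mismatch"

def outer_ids(raws):
    """What a server operator can see: the set of outer Message-IDs."""
    parsed = (message_from_string(r, policy=policy.default) for r in raws)
    return {str(m["Message-ID"]).strip() for m in parsed}

INNER = "<20150401.1@example.org>"              # constructed sample IDs
SAME = wrap(INNER, INNER)                       # identical inner and outer
TAMPERED = wrap("<forged.9@example.net>", INNER)
# One logical message, encrypted separately per mailbox, outer IDs hidden.
PER_RECIPIENT = [wrap(f"<r{n}@example.org>", INNER) for n in (1, 2)]

if __name__ == "__main__":
    print(check_message_id(SAME), check_message_id(TAMPERED))
    print([check_message_id(r) for r in PER_RECIPIENT], len(outer_ids(PER_RECIPIENT)))
```

A strict equality check reports the deliberately hidden per-recipient copies the same way it reports a tampered outer ID, while copies that do satisfy the identical-ID rule expose a single linkable value to every server that handles them.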