Re: [openpgp] signed/encrypted emails vs unsigned/unencrypted headers

Ben Laurie <ben@links.org> Tue, 16 July 2013 11:31 UTC

Return-Path: <benlaurie@gmail.com>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 78AD711E81C6 for <openpgp@ietfa.amsl.com>; Tue, 16 Jul 2013 04:31:56 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.978
X-Spam-Level:
X-Spam-Status: No, score=-1.978 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, NO_RELAYS=-0.001]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id qP7o-kJFRUoP for <openpgp@ietfa.amsl.com>; Tue, 16 Jul 2013 04:31:55 -0700 (PDT)
Received: from mail-qa0-x22c.google.com (mail-qa0-x22c.google.com [IPv6:2607:f8b0:400d:c00::22c]) by ietfa.amsl.com (Postfix) with ESMTP id 3BFBC11E8294 for <openpgp@ietf.org>; Tue, 16 Jul 2013 04:31:55 -0700 (PDT)
Received: by mail-qa0-f44.google.com with SMTP id o13so2220983qaj.10 for <openpgp@ietf.org>; Tue, 16 Jul 2013 04:31:54 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date :x-google-sender-auth:message-id:subject:from:to:cc:content-type; bh=L+ye2lSdn15e711sfThdLauEQX4SliI8y63YfQ2jbnk=; b=R0v0ZQCJD2oAEKIeKlaIUMeyoPJCH49Ll4T93ERb3f0BMpOqm4gUffN6FPpgJb6S0k QFZvCnoN7rHNa2LH6aibF7Xcbd67zP+i97LFAU7Y4F6J8J0+uDdwh0HntBg7LsgUP9+R bbaUWBmlJ3JbRY7ioSBEchLI5Qnn3wWjELVj2xGQEDncg0uXR/3hPLpmfQqQJd6AQi4V 6QdLLInf3AvbYOu8meGhORL5aux0pZja+NrR9K2Fbq7ihGiJlQW+BpQOa+bsSC4EXRP5 8Ln4v3dE6CHrL7ow5MvaKawTmOCeXP5iu3Hv3eZr/wyaz5Gid2CLdQqVwMgZaxB7SEqr sG1w==
MIME-Version: 1.0
X-Received: by 10.49.48.83 with SMTP id j19mr1189143qen.56.1373974314676; Tue, 16 Jul 2013 04:31:54 -0700 (PDT)
Sender: benlaurie@gmail.com
Received: by 10.49.19.73 with HTTP; Tue, 16 Jul 2013 04:31:54 -0700 (PDT)
In-Reply-To: <51D360B2.1070709@gmx.com>
References: <51D360B2.1070709@gmx.com>
Date: Tue, 16 Jul 2013 12:31:54 +0100
X-Google-Sender-Auth: 4GHTBkpbN7qM22N5WG9XAB3p2Ts
Message-ID: <CAG5KPzybcunUE3wO90icgQK5EpWecGa1e5LzL+-57aCWPrqUsw@mail.gmail.com>
From: Ben Laurie <ben@links.org>
To: Ximin Luo <infinity0@gmx.com>
Content-Type: text/plain; charset=ISO-8859-1
Cc: openpgp@ietf.org
Subject: Re: [openpgp] signed/encrypted emails vs unsigned/unencrypted headers
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/openpgp>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 16 Jul 2013 11:31:56 -0000

On 3 July 2013 00:22, Ximin Luo <infinity0@gmx.com>; wrote:
> To openpgp@ietf.org,
>
> As per [1] and [2], sign-then-encrypt is only really secure as long as you do
> it on *all* the information that forms the message, some of which might be
> external to the message data itself. Crucially, this includes the recipient.
>
> What's the current status of this in the PGP/MIME standard? Is it still a
> problem? I notice that email subject headers are in a similar situation, and
> users have complained about it.[3] The problem of unencrypted/unauthenticated
> recipient is less obvious, so I haven't seen user complaints, but potentially
> it is more serious.

Not clear why this is an issue? Surely the fact the message is
encrypted to the recipient is sufficient?

> Although not explicitly mentioned in the previous citations, these are
> conceptually the same problem - i.e. you are only executing sign-then-encrypt
> on *part* of the data that should be secured. So, I believe that it's possible
> to work towards a single clean solution that fixes both problems.
>
> (Sorry if this has been asked before already, or if the problem has already
> been fixed; I did check the list archives but couldn't find anything on a quick
> scan, nor a quick session of web searching.)
>
> X
>
> [1]
> http://crypto.stackexchange.com/questions/5458/should-we-sign-then-encrypt-or-encrypt-then-sign
> [2] http://world.std.com/~dtd/sign_encrypt/sign_encrypt7.html#CITEpgp
> [3] http://www.mozilla-enigmail.org/forum/viewtopic.php?f=9&t=328
>
> --
> GPG: 4096R/5FBBDBCE
> https://github.com/infinity0
> https://bitbucket.org/infinity0
> https://launchpad.net/~infinity0
>
>
> _______________________________________________
> openpgp mailing list
> openpgp@ietf.org
> https://www.ietf.org/mailman/listinfo/openpgp
>