Re: [openpgp] signed/encrypted emails vs unsigned/unencrypted headers
Ben Laurie <ben@links.org> Tue, 16 July 2013 11:31 UTC
Return-Path: <benlaurie@gmail.com>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 78AD711E81C6 for <openpgp@ietfa.amsl.com>; Tue, 16 Jul 2013 04:31:56 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.978
X-Spam-Level:
X-Spam-Status: No, score=-1.978 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, NO_RELAYS=-0.001]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id qP7o-kJFRUoP for <openpgp@ietfa.amsl.com>; Tue, 16 Jul 2013 04:31:55 -0700 (PDT)
Received: from mail-qa0-x22c.google.com (mail-qa0-x22c.google.com [IPv6:2607:f8b0:400d:c00::22c]) by ietfa.amsl.com (Postfix) with ESMTP id 3BFBC11E8294 for <openpgp@ietf.org>; Tue, 16 Jul 2013 04:31:55 -0700 (PDT)
Received: by mail-qa0-f44.google.com with SMTP id o13so2220983qaj.10 for <openpgp@ietf.org>; Tue, 16 Jul 2013 04:31:54 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date :x-google-sender-auth:message-id:subject:from:to:cc:content-type; bh=L+ye2lSdn15e711sfThdLauEQX4SliI8y63YfQ2jbnk=; b=R0v0ZQCJD2oAEKIeKlaIUMeyoPJCH49Ll4T93ERb3f0BMpOqm4gUffN6FPpgJb6S0k QFZvCnoN7rHNa2LH6aibF7Xcbd67zP+i97LFAU7Y4F6J8J0+uDdwh0HntBg7LsgUP9+R bbaUWBmlJ3JbRY7ioSBEchLI5Qnn3wWjELVj2xGQEDncg0uXR/3hPLpmfQqQJd6AQi4V 6QdLLInf3AvbYOu8meGhORL5aux0pZja+NrR9K2Fbq7ihGiJlQW+BpQOa+bsSC4EXRP5 8Ln4v3dE6CHrL7ow5MvaKawTmOCeXP5iu3Hv3eZr/wyaz5Gid2CLdQqVwMgZaxB7SEqr sG1w==
MIME-Version: 1.0
X-Received: by 10.49.48.83 with SMTP id j19mr1189143qen.56.1373974314676; Tue, 16 Jul 2013 04:31:54 -0700 (PDT)
Sender: benlaurie@gmail.com
Received: by 10.49.19.73 with HTTP; Tue, 16 Jul 2013 04:31:54 -0700 (PDT)
In-Reply-To: <51D360B2.1070709@gmx.com>
References: <51D360B2.1070709@gmx.com>
Date: Tue, 16 Jul 2013 12:31:54 +0100
X-Google-Sender-Auth: 4GHTBkpbN7qM22N5WG9XAB3p2Ts
Message-ID: <CAG5KPzybcunUE3wO90icgQK5EpWecGa1e5LzL+-57aCWPrqUsw@mail.gmail.com>
From: Ben Laurie <ben@links.org>
To: Ximin Luo <infinity0@gmx.com>
Content-Type: text/plain; charset="ISO-8859-1"
Cc: openpgp@ietf.org
Subject: Re: [openpgp] signed/encrypted emails vs unsigned/unencrypted headers
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/openpgp>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 16 Jul 2013 11:31:56 -0000
On 3 July 2013 00:22, Ximin Luo <infinity0@gmx.com> wrote: > To openpgp@ietf.org, > > As per [1] and [2], sign-then-encrypt is only really secure as long as you do > it on *all* the information that forms the message, some of which might be > external to the message data itself. Crucially, this includes the recipient. > > What's the current status of this in the PGP/MIME standard? Is it still a > problem? I notice that email subject headers are in a similar situation, and > users have complained about it.[3] The problem of unencrypted/unauthenticated > recipient is less obvious, so I haven't seen user complaints, but potentially > it is more serious. Not clear why this is an issue? Surely the fact the message is encrypted to the recipient is sufficient? > Although not explicitly mentioned in the previous citations, these are > conceptually the same problem - i.e. you are only executing sign-then-encrypt > on *part* of the data that should be secured. So, I believe that it's possible > to work towards a single clean solution that fixes both problems. > > (Sorry if this has been asked before already, or if the problem has already > been fixed; I did check the list archives but couldn't find anything on a quick > scan, nor a quick session of web searching.) > > X > > [1] > http://crypto.stackexchange.com/questions/5458/should-we-sign-then-encrypt-or-encrypt-then-sign > [2] http://world.std.com/~dtd/sign_encrypt/sign_encrypt7.html#CITEpgp > [3] http://www.mozilla-enigmail.org/forum/viewtopic.php?f=9&t=328 > > -- > GPG: 4096R/5FBBDBCE > https://github.com/infinity0 > https://bitbucket.org/infinity0 > https://launchpad.net/~infinity0 > > > _______________________________________________ > openpgp mailing list > openpgp@ietf.org > https://www.ietf.org/mailman/listinfo/openpgp >
- [openpgp] signed/encrypted emails vs unsigned/une… Ximin Luo
- Re: [openpgp] signed/encrypted emails vs unsigned… Ximin Luo
- Re: [openpgp] signed/encrypted emails vs unsigned… Werner Koch
- Re: [openpgp] signed/encrypted emails vs unsigned… Ximin Luo
- Re: [openpgp] signed/encrypted emails vs unsigned… Werner Koch
- Re: [openpgp] signed/encrypted emails vs unsigned… Ben Laurie
- Re: [openpgp] signed/encrypted emails vs unsigned… Ximin Luo
- Re: [openpgp] signed/encrypted emails vs unsigned… Ximin Luo
- Re: [openpgp] signed/encrypted emails vs unsigned… Werner Koch
- Re: [openpgp] signed/encrypted emails vs unsigned… Ximin Luo
- Re: [openpgp] signed/encrypted emails vs unsigned… Werner Koch
- Re: [openpgp] signed/encrypted emails vs unsigned… Ben Laurie
- Re: [openpgp] signed/encrypted emails vs unsigned… Ximin Luo
- Re: [openpgp] signed/encrypted emails vs unsigned… Daniel Kahn Gillmor
- Re: [openpgp] signed/encrypted emails vs unsigned… Ximin Luo