[openpgp] signed/encrypted emails vs unsigned/unencrypted headers

Ximin Luo <infinity0@gmx.com> Tue, 02 July 2013 23:22 UTC


To openpgp@ietf.org,

As per [1] and [2], sign-then-encrypt is only really secure as long as you do
it on *all* the information that forms the message, some of which might be
external to the message data itself. Crucially, this includes the recipient.

What's the current status of this in the PGP/MIME standard? Is it still a
problem? I notice that email subject headers are in a similar situation, and
users have complained about it.[3] The problem of unencrypted/unauthenticated
recipient is less obvious, so I haven't seen user complaints, but potentially
it is more serious.

Although not explicitly mentioned in the previous citations, these are
conceptually the same problem - i.e. you are only executing sign-then-encrypt
on *part* of the data that should be secured. So, I believe that it's possible
to work towards a single clean solution that fixes both problems.

(Sorry if this has been asked before already, or if the problem has already
been fixed; I did check the list archives but couldn't find anything on a quick
scan, nor a quick session of web searching.)

X

[1] http://crypto.stackexchange.com/questions/5458/should-we-sign-then-encrypt-or-encrypt-then-sign
[2] http://world.std.com/~dtd/sign_encrypt/sign_encrypt7.html#CITEpgp
[3] http://www.mozilla-enigmail.org/forum/viewtopic.php?f=9&t=328

-- 
GPG: 4096R/5FBBDBCE
https://github.com/infinity0
https://bitbucket.org/infinity0
https://launchpad.net/~infinity0
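
Added example (not part of the original message): a Python sketch of the point raised above, that a signature covering only the body says nothing about the recipient or subject, next to a variant that signs a copy of those headers so a receiver can compare them with the outer ones. HMAC-SHA256 stands in for an OpenPGP signature, encryption is left out, and the function names, addresses and key are all constructed for illustration.

```python
import hashlib
import hmac
import json

PROTECTED = ("From", "To", "Subject")  # headers copied into the signed payload

def sign(key: bytes, data: bytes) -> str:
    # Assumption: HMAC-SHA256 stands in for an OpenPGP signature in this sketch.
    return hmac.new(key, data, hashlib.sha256).hexdigest()

def seal(key: bytes, headers: dict, body: str) -> dict:
    """Sign the body together with a copy of the headers that matter."""
    inner = json.dumps({"headers": {h: headers[h] for h in PROTECTED},
                        "body": body}, sort_keys=True).encode()
    return {"outer": dict(headers), "inner": inner, "sig": sign(key, inner)}

def check(key: bytes, msg: dict) -> list:
    """Return findings; an empty list means the outer headers match what was signed."""
    if not hmac.compare_digest(sign(key, msg["inner"]), msg["sig"]):
        return ["bad signature"]
    signed = json.loads(msg["inner"])["headers"]
    return [f"{h}: outer {msg['outer'].get(h)!r} != signed {signed[h]!r}"
            for h in PROTECTED if msg["outer"].get(h) != signed[h]]

def body_only_check(key: bytes, body: str, sig: str) -> bool:
    """The weaker scheme: the signature covers the body alone."""
    return hmac.compare_digest(sign(key, body.encode()), sig)

# Constructed sample data.
KEY = b"constructed-demo-key"
HEADERS = {"From": "alice@example.org", "To": "bob@example.org",
           "Subject": "Q3 figures"}
BODY = "Please approve."

def demo():
    msg = seal(KEY, HEADERS, BODY)
    clean = check(KEY, msg)
    # Same signed content, delivered under different outer headers.
    altered = dict(msg, outer=dict(HEADERS, To="carol@example.org",
                                   Subject="Re: offer"))
    findings = check(KEY, altered)
    # A body-only signature verifies regardless of the outer headers.
    weak_ok = body_only_check(KEY, BODY, sign(KEY, BODY.encode()))
    return clean, findings, weak_ok

if __name__ == "__main__":
    for result in demo():
        print(result)
```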