Re: [openpgp] Backwards compatibility vs streaming verification of v6 clearsigned messages
Daniel Kahn Gillmor <dkg@fifthhorseman.net> Wed, 24 May 2023 20:42 UTC
Return-Path: <dkg@fifthhorseman.net>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 75BADC151555 for <openpgp@ietfa.amsl.com>; Wed, 24 May 2023 13:42:28 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.303
X-Spam-Level:
X-Spam-Status: No, score=-1.303 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_BLOCKED=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, RDNS_NONE=0.793, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=neutral reason="invalid (unsupported algorithm ed25519-sha256)" header.d=fifthhorseman.net header.b="XKoNipN4"; dkim=pass (2048-bit key) header.d=fifthhorseman.net header.b="vC4Pnwx3"
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id zj94rt9huIrT for <openpgp@ietfa.amsl.com>; Wed, 24 May 2023 13:42:24 -0700 (PDT)
Received: from che.mayfirst.org (unknown [162.247.75.117]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 285C7C15107D for <openpgp@ietf.org>; Wed, 24 May 2023 13:42:23 -0700 (PDT)
DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/simple; d=fifthhorseman.net; i=@fifthhorseman.net; q=dns/txt; s=2019; t=1684960942; h=from : to : cc : subject : in-reply-to : references : date : message-id : mime-version : content-type : from; bh=O8eai0LUBNJ+DqcWve7h4nQvHYIYMyagIpcJq/vrApk=; b=XKoNipN4cLiVy8oyDsHxnCmx1pFxzAdjJXtxIIRt0TzEAQK9+4fUD7ttXmQOvBX0Pz5Px I+ov7D44HW6aemEDw==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=fifthhorseman.net; i=@fifthhorseman.net; q=dns/txt; s=2019rsa; t=1684960942; h=from : to : cc : subject : in-reply-to : references : date : message-id : mime-version : content-type : from; bh=O8eai0LUBNJ+DqcWve7h4nQvHYIYMyagIpcJq/vrApk=; b=vC4Pnwx30PD/VXu7HaRWlKsQGHCYEl//u6jAqk4pKEMzvKVqtrhwYCBnEKnjAaGrsEbSA Mf4vn4ZchreYGQDiRqHND2C2z0Z9KFvqNKv8NtV3n1viOUtvNAAnWxZ1Su15+GOKKEGykUB r16HPdsYnuHvmfHA5tI1X5KtFlt2eB3C/h2LFKKvAl/hUVLatYmkizVXI268OBro98IHpMD LGzDIBScWSMrPDx8p0UAGLP9ateLeppDIWqncU1hXyhQuN9oFB+NYwOM5XztRJ7rcZeqM6r OZlJyH9Egkwh/VWs5psCPd4RgAnpG/azwK6dNZfZVXgAcNuWhTzQGzWUgCoA==
Received: from fifthhorseman.net (lair.fifthhorseman.net [108.58.6.98]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by che.mayfirst.org (Postfix) with ESMTPSA id 2FDC8F9AD; Wed, 24 May 2023 16:42:22 -0400 (EDT)
Received: by fifthhorseman.net (Postfix, from userid 1000) id 3BACF206CA; Wed, 24 May 2023 15:08:24 -0400 (EDT)
From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
To: Andrew Gallagher <andrewg=40andrewg.com@dmarc.ietf.org>
Cc: IETF OpenPGP WG <openpgp@ietf.org>
In-Reply-To: <81A3295C-2849-4D3C-8856-3CCB562A050B@andrewg.com>
References: <LaSdaOASqnixctT3XuZHNIeldK2IPqJvHbqo_qkFjdrMBOQ4SKhiWl_76xq2P6l2Wts9rJ6MTTRLfpj9sqyG4_F4etjNcgEt6pmmtuyfsBY=@protonmail.com> <81A3295C-2849-4D3C-8856-3CCB562A050B@andrewg.com>
Autocrypt: addr=dkg@fifthhorseman.net; prefer-encrypt=mutual; keydata= mDMEX+i03xYJKwYBBAHaRw8BAQdACA4xvL/xI5dHedcnkfViyq84doe8zFRid9jW7CC9XBiI0QQf FgoAgwWCX+i03wWJBZ+mAAMLCQcJEOCS6zpcoQ26RxQAAAAAAB4AIHNhbHRAbm90YXRpb25zLnNl cXVvaWEtcGdwLm9yZ/tr8E9NA10HvcAVlSxnox6z62KXCInWjZaiBIlgX6O5AxUKCAKbAQIeARYh BMKfigwB81402BaqXOCS6zpcoQ26AADZHQD/Zx9nc3N2kj13AUsKMr/7zekBtgfSIGB3hRCU74Su G44A/34Yp6IAkndewLxb1WdRSokycnaCVyrk0nb4imeAYyoPtBc8ZGtnQGZpZnRoaG9yc2VtYW4u bmV0PojRBBMWCgCDBYJf6LTfBYkFn6YAAwsJBwkQ4JLrOlyhDbpHFAAAAAAAHgAgc2FsdEBub3Rh dGlvbnMuc2VxdW9pYS1wZ3Aub3JnL0Gwxvypz2tu1IPG+yu1zPjkiZwpscsitwrVvzN3bbADFQoI ApsBAh4BFiEEwp+KDAHzXjTYFqpc4JLrOlyhDboAAPkXAP0Z29z7jW+YzLzPTQML4EQLMbkHOfU4 +s+ki81Czt0WqgD/SJ8RyrqDCtEP8+E4ZSR01ysKqh+MUAsTaJlzZjehiQ24MwRf6LTfFgkrBgEE AdpHDwEBB0DkKHOW2kmqfAK461+acQ49gc2Z6VoXMChRqobGP0ubb4kBiAQYFgoBOgWCX+i03wWJ BZ+mAAkQ4JLrOlyhDbpHFAAAAAAAHgAgc2FsdEBub3RhdGlvbnMuc2VxdW9pYS1wZ3Aub3Jnfvo+ nHoxDwaLaJD8XZuXiaqBNZtIGXIypF1udBBRoc0CmwICHgG+oAQZFgoAbwWCX+i03wkQPp1xc3He VlxHFAAAAAAAHgAgc2FsdEBub3RhdGlvbnMuc2VxdW9pYS1wZ3Aub3JnaheiqE7Pfi3Atb3GGTw+ jFcBGOaobgzEJrhEuFpXREEWIQQttUkcnfDcj0MoY88+nXFzcd5WXAAAvrsBAIJ5sBg8Udocv25N stN/zWOiYpnjjvOjVMLH4fV3pWE1AP9T6hzHz7hRnAA8d01vqoxOlQ3O6cb/kFYAjqx3oMXSBhYh BMKfigwB81402BaqXOCS6zpcoQ26AADX7gD/b83VObe14xrNP8xcltRrBZF5OE1rQSPkMNy+eWpk eCwA/1hxiS8ZxL5/elNjXiWuHXEvUGnRoVj745Vl48sZPVYMuDgEX+i03xIKKwYBBAGXVQEFAQEH QIGex1WZbH6xhUBve5mblScGYU+Y8QJOomXH+rr5tMsMAwEICYjJBBgWCgB7BYJf6LTfBYkFn6YA CRDgkus6XKENukcUAAAAAAAeACBzYWx0QG5vdGF0aW9ucy5zZXF1b2lhLXBncC5vcmcEAx9vTD3b J0SXkhvcRcCr6uIDJwic3KFKxkH1m4QW0QKbDAIeARYhBMKfigwB81402BaqXOCS6zpcoQ26AAAX mwD8CWmukxwskU82RZLMk5fm1wCgMB5z8dA50KLw3rgsCykBAKg1w/Y7XpBS3SlXEegIg1K1e6dR fRxL7Z37WZXoH8AH
Date: Wed, 24 May 2023 15:08:22 -0400
Message-ID: <87sfbl5yzd.fsf@fifthhorseman.net>
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-="; micalg="pgp-sha256"; protocol="application/pgp-signature"
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/H9A3gGrOueHI2TY6lwSuOAWn7Rc>
Subject: Re: [openpgp] Backwards compatibility vs streaming verification of v6 clearsigned messages
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 24 May 2023 20:42:28 -0000
On Wed 2023-05-24 14:14:11 +0100, Andrew Gallagher wrote: > On 19 May 2023, at 15:42, Daniel Huigens <d.huigens=40protonmail.com@dmarc.ietf.org> wrote: >> >> In OpenPGP.js and GopenPGP, cleartext signed messages with header names >> other than "Hash" are rejected. The reason is to prevent messages like: >> >> -----BEGIN PGP SIGNED MESSAGE----- >> Reminder: I need you to wire $100k to 12345566 as soon as possible. >> >> Thank you! >> -----BEGIN PGP SIGNATURE----- >> [...] >> >> from being able to trick a user into thinking the entire message was >> signed. > > The most general (and compatible) solution would be to require that these headers are never displayed to the user. the thing about the cleartext signing framework is that it's designed (and i think intended) to work on data that will be viewed directly by a human in a program that knows nothing about OpenPGP. So "requiring that these headers are never displayed to the user" isn't really a possibility -- the rendering/display programs for the underlying data doesn't even need to know that the content is OpenPGP, so we can't impose any effective restrictions on viewer behavior. --dkg
- [openpgp] Backwards compatibility vs streaming ve… Daniel Huigens
- Re: [openpgp] Backwards compatibility vs streamin… Daniel Kahn Gillmor
- Re: [openpgp] Backwards compatibility vs streamin… Daniel Huigens
- Re: [openpgp] Backwards compatibility vs streamin… Justus Winter
- Re: [openpgp] Backwards compatibility vs streamin… Andrew Gallagher
- Re: [openpgp] Backwards compatibility vs streamin… Andrew Gallagher
- Re: [openpgp] Backwards compatibility vs streamin… Vincent Breitmoser
- Re: [openpgp] Backwards compatibility vs streamin… Andrew Gallagher
- Re: [openpgp] Backwards compatibility vs streamin… Daniel Kahn Gillmor
- Re: [openpgp] Backwards compatibility vs streamin… Andrew Gallagher
- Re: [openpgp] Backwards compatibility vs streamin… Paul Wouters
- Re: [openpgp] Backwards compatibility vs streamin… iang
- Re: [openpgp] Backwards compatibility vs streamin… vedaal
- Re: [openpgp] Backwards compatibility vs streamin… Justus Winter
- Re: [openpgp] Backwards compatibility vs streamin… Vincent Breitmoser
- Re: [openpgp] Backwards compatibility vs streamin… Paul Wouters
- Re: [openpgp] Backwards compatibility vs streamin… Daniel Huigens
- Re: [openpgp] Backwards compatibility vs streamin… Daniel Kahn Gillmor
- Re: [openpgp] Backwards compatibility vs streamin… Daniel Kahn Gillmor