Re: [openpgp] A way to securely define cleartext signature charset

Peter Pentchev <roam@ringlet.net> Sat, 08 September 2018 11:19 UTC

Date: Sat, 08 Sep 2018 14:19:53 +0300
From: Peter Pentchev <roam@ringlet.net>
To: Andre Heinecke <aheinecke@intevation.de>
Cc: IETF OpenPGP <openpgp@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/jcLiQVRxG1dpnbnTeU3iuKH5ma4>

On Fri, Sep 07, 2018 at 03:52:43PM +0200, Andre Heinecke wrote:
> Hi,
> 
> today I struggled for several hours with "charset guessing" code, that handles 
> cleartext signatures in Outlook and I thought that maybe this situation could 
> be improved a bit in the future?
> 
> I dislike cleartext signatures as much as the next guy (probably more ;-) ).
> The points made in [1] are valid and such messages should not be used.
> But realistically I think that they won't go away.
> 
> My idea would be to define that after the Hash: header and the blank line 
> (which starts the hashing) that there can be:
> 
> Optionally a "Charset" Armor Header followed by one blank line,
> both included in the message digest.
> 
> So a message like:
> 
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA256
> 
> Charset: UTF-8
> 
> This is än example mässäge.
> -----BEGIN PGP SIGNATURE-----

Hmm, is there any way to guard against a false positive identification of
an "old" message that just happens to start with such a line?  I can't
think of any off the top of my head...

Don't get me wrong, I *do* see the good things about your proposal.

Best regards,
Peter

-- 
Peter Pentchev  roam@{ringlet.net,debian.org,FreeBSD.org} pp@storpool.com
PGP key:        http://people.FreeBSD.org/~roam/roam.key.asc
Key fingerprint 2EE7 A7A5 17FC 124C F115  C354 651E EFB0 2527 DF13
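
The false-positive case raised in the reply above, as an added example that is not part of either post: a reader applying the proposed rule cannot tell a new-style message from an older one whose signed text merely begins with a `Charset:` line, because both have the same form inside the signed region. The header syntax, the Latin-1 fallback, the function names and both sample messages are assumptions constructed for illustration.

```python
import re

BEGIN = b"-----BEGIN PGP SIGNED MESSAGE-----"
SIG = b"-----BEGIN PGP SIGNATURE-----"
CHARSET = re.compile(rb"Charset: ([A-Za-z0-9._-]+)")  # assumed syntax for the header

def signed_lines(raw):
    """Return the dash-unescaped signed text lines (bytes) of a cleartext message."""
    lines = [l.rstrip(b"\r") for l in raw.split(b"\n")]
    if lines[0] != BEGIN or b"" not in lines or SIG not in lines:
        raise ValueError("not a complete cleartext signed message")
    start, end = lines.index(b"") + 1, lines.index(SIG)  # first blank line ends headers
    if end < start:
        raise ValueError("signature armor before end of armor headers")
    return [l[2:] if l.startswith(b"- ") else l for l in lines[start:end]]

def read_legacy(raw, fallback="iso-8859-1"):
    """Reader without the proposal: every signed line is text, charset is guessed."""
    return fallback, b"\n".join(signed_lines(raw)).decode(fallback, errors="replace")

def read_proposed(raw, fallback="iso-8859-1"):
    """Reader with the proposal: a leading 'Charset: X' line plus one blank line in
    the signed text selects the charset and is not shown as part of the message."""
    body = signed_lines(raw)
    m = CHARSET.fullmatch(body[0]) if len(body) >= 2 and body[1] == b"" else None
    if m is None:
        return read_legacy(raw, fallback)
    charset = m.group(1).decode("ascii")
    try:
        return charset, b"\n".join(body[2:]).decode(charset, errors="replace")
    except LookupError:                      # unknown charset name: treat as plain text
        return read_legacy(raw, fallback)

def frame(text):
    """Wrap constructed text in the cleartext framework (placeholder signature)."""
    return b"\n".join([BEGIN, b"Hash: SHA256", b"", text, SIG,
                       b"(placeholder)", b"-----END PGP SIGNATURE-----", b""])

# Constructed samples. NEW follows the proposal; OLD is ordinary Latin-1 text,
# written before the proposal, whose first line just happens to look like the header.
NEW = frame("Charset: UTF-8\n\nThis is än example mässäge.".encode("utf-8"))
OLD = frame("Charset: UTF-8\n\nis what mässäge.txt should have used.".encode("iso-8859-1"))

if __name__ == "__main__":
    for name, raw in (("NEW", NEW), ("OLD", OLD)):
        print(name, "legacy reader  :", read_legacy(raw))
        print(name, "proposed reader:", read_proposed(raw))
```

For `OLD`, the proposed reader hides two lines that the signer wrote as message text and decodes the rest with the wrong charset, while the signature over the bytes would still verify.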